ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks against web apps. It keeps track of the HTTP traffic to a certain Internet site in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success many times activates one rule, sending a request to execute a certain file that could result in accessing the website triggers another rule, and so forth. ModSecurity is amongst the best firewalls available on the market and it will preserve even scripts which are not updated frequently as it can prevent attackers from employing known exploits and security holes. Incredibly thorough info about each intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the regular logs created by the Apache server, so you may later examine them and decide whether you need to take additional measures in order to improve the security of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity is available on all hosting machines, so when you decide to host your websites with our organization, they will be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs from your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our customers' websites seriously, we use a collection of commercial rules which we take from one of the best firms that maintain such rules. Our admins also add custom rules to ensure that your websites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you choose to host your sites with our company, there shall not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains you include via your hosting Control Panel. If necessary, you could disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall shall still work and record info, but will not do anything to prevent possible attacks against your websites. In depth logs shall be available within your Control Panel and you will be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We use 2 sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones that our admins sometimes include to respond to newly found risks promptly.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web apps will be protected from the second your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you could deactivate it with a click from the corresponding section of Hepsia. You may also set it to work in detection mode, so it will maintain an extensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the same section and provide details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we employ not simply commercial rules from a company working in the field of web security, but also custom ones which our admins include manually so as to respond to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In the event that a web app does not function properly, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that could happen, but will not take any action to stop it. The logs generated in active or passive mode shall provide you with more details about the exact file that was attacked, the type of the attack and the IP address it originated from, and so on. This info will enable you to choose what steps you can take to enhance the security of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated often with a commercial package from a third-party security enterprise we work with, but oftentimes our admins include their own rules too in case they come across a new potential threat.