ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks against web applications. It keeps track of the HTTP traffic to a specific Internet site in real time and blocks any intrusion attempts the moment it detects them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success many times triggers one rule, sending a request to execute a particular file that may result in gaining access to the Internet site triggers another rule, etcetera. ModSecurity is amongst the best firewalls out there and it will protect even scripts that are not updated frequently since it can prevent attackers from employing known exploits and security holes. Very thorough information about each and every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the conventional logs generated by the Apache server, so you may later examine them and determine if you need to take additional measures in order to increase the security of your script-driven sites.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting packages, so your Internet applications will be protected against harmful attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find inside Hepsia are incredibly detailed and include info about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We use a range of commercial rules that are often updated, but sometimes our admins add custom rules as well so as to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server plans, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to activate or disable the firewall for any website with a click. You will also be able to activate a passive detection mode with which ModSecurity will keep a log of possible attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etc. The list of rules we employ is regularly updated in order to match any new risks that might appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our admins add in the event that they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

Safety is of the utmost importance to us, so we set up ModSecurity on all VPS servers that are made available with the Hepsia Control Panel by default. The firewall could be managed via a dedicated section inside Hepsia and is activated automatically when you include a new domain or create a subdomain, so you'll not have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of potential attacks you can later analyze, but will not block them. The logs in both passive and active modes contain information regarding the type of the attack and how it was eliminated, what IP address it came from and other important data that might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also implement our own rules as once in a while we detect specific attacks that aren't yet present inside the commercial package. This way, we could increase the security of your Virtual private server immediately as opposed to waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the server. In case that a web application doesn't operate correctly, you could either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that may happen, but will not take any action to stop it. The logs created in active or passive mode shall present you with more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, etcetera. This information shall permit you to decide what actions you can take to increase the security of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial pack from a third-party security enterprise we work with, but sometimes our administrators include their own rules too in the event that they find a new potential threat.