ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks toward web applications. It keeps track of the HTTP traffic to a certain website in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - for example, trying to log in to a script administration area without success several times sets off one rule, sending a request to execute a certain file which could result in getting access to the site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it will protect even scripts that aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Quite thorough information about each and every intrusion attempt is recorded and the logs the firewall maintains are much more specific than the conventional logs generated by the Apache server, so you could later take a look at them and decide if you need to take additional measures so as to increase the safety of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting packages that we provide and it'll be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and deactivate it with simply a click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your Internet sites shall contain in-depth information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are frequently updated and include both commercial ones we get from a third-party security business and custom ones that our system admins include in case that they detect a new kind of attacks. In this way, the Internet sites that you host here will be far more secure with no action required on your end.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server packages, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any site with a mouse click. You'll also have the ability to turn on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so forth. The list of rules we use is frequently updated in order to match any new threats which might appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones which our administrators include if they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

Protection is essential to us, so we set up ModSecurity on all VPS servers that are provided with the Hepsia CP by default. The firewall could be managed through a dedicated section within Hepsia and is activated automatically when you add a new domain or create a subdomain, so you won't need to do anything by hand. You will also be able to disable it or turn on the so-called detection mode, so it'll keep a log of potential attacks which you can later study, but won't block them. The logs in both passive and active modes contain information about the form of the attack and how it was stopped, what IP it came from and other useful information which may help you to tighten the security of your websites by updating them or blocking IPs, for instance. In addition to the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules as every now and then we discover specific attacks that are not yet present in the commercial pack. That way, we can easily improve the security of your Virtual private server right away as opposed to waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In case that a web application doesn't function properly, you could either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack that may occur, but shall not take any action to stop it. The logs created in active or passive mode shall give you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so forth. This info shall allow you to choose what actions you can take to improve the security of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial bundle from a third-party security enterprise we work with, but sometimes our admins include their own rules too in the event that they discover a new potential threat.