ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks toward web applications. It monitors the HTTP traffic to a particular site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do that - for instance, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a specific file that may result in getting access to the site triggers another rule, etc. ModSecurity is one of the best firewalls available on the market and it'll secure even scripts which aren't updated frequently because it can prevent attackers from employing known exploits and security holes. Incredibly thorough info about each and every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the conventional logs generated by the Apache server, so you can later examine them and determine if you need to take additional measures in order to boost the security of your script-driven websites.

ModSecurity in Shared Hosting

ModSecurity is available with each and every shared hosting package which we offer and it's turned on by default for every domain or subdomain that you add through your Hepsia Control Panel. In case it disrupts any of your apps or you would like to disable it for whatever reason, you will be able to do that through the ModSecurity area of Hepsia with just a mouse click. You can also use a passive mode, so the firewall will recognize possible attacks and keep a log, but shall not take any action. You could see extensive logs in the same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For optimum protection of our customers we use a set of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity by default within all semi-dedicated server products, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to activate or disable the firewall for any site with a click. You will also have the ability to switch on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without really stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack caused, where it originated from, etcetera. The list of rules that we use is regularly updated in order to match any new threats which may appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones which our admins add if they find a threat that is not present in the commercial list yet.

ModSecurity in VPS Servers

Security is vital to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section in Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you won't need to do anything manually. You shall also be able to deactivate it or activate the so-called detection mode, so it'll maintain a log of potential attacks you can later examine, but will not prevent them. The logs in both passive and active modes contain information about the type of the attack and how it was eliminated, what IP it came from and other valuable info that may help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules because occasionally we identify specific attacks that aren't yet present in the commercial pack. That way, we could enhance the protection of your Virtual private server immediately rather than awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. Just in case that a web app does not function correctly, you could either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack that might occur, but will not take any action to stop it. The logs created in passive or active mode shall provide you with more details about the exact file that was attacked, the type of the attack and the IP address it originated from, etcetera. This info shall permit you to choose what actions you can take to increase the safety of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial pack from a third-party security provider we work with, but oftentimes our staff include their own rules too when they find a new potential threat.