ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web applications. It monitors the HTTP traffic to a specific site in real time and prevents any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script admin area unsuccessfully a few times activates one rule, sending a request to execute a certain file that could result in gaining access to the website triggers a different rule, etc. ModSecurity is amongst the best firewalls available and it will secure even scripts that aren't updated regularly as it can prevent attackers from employing known exploits and security holes. Very detailed information about each and every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the regular logs created by the Apache server, so you may later take a look at them and determine if you need to take additional measures so as to increase the security of your script-driven Internet sites.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting solutions, so your Internet apps will be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will discover within Hepsia are extremely detailed and include info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etc. We employ a set of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web application which you set up within your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not simply could you activate or deactivate it completely, but you can also enable a passive mode, so the firewall shall not stop anything, but it'll still maintain a record of potential attacks. This normally requires only a click and you shall be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, and so forth. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our administrators update personally as to respond to recently discovered threats at the earliest opportunity.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the web server, so there shall not be anything special which you'll have to do to protect your websites. It will take you a mouse click to stop ModSecurity if required or to activate its passive mode so that it records what goes on without taking any steps to stop intrusions. You shall be able to look at the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to handle it, etcetera. We employ a combination of commercial and custom rules so as to ensure that ModSecurity shall block as many risks as possible, consequently improving the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In case that a web application does not work properly, you can either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which may take place, but shall not take any action to prevent it. The logs produced in passive or active mode shall give you additional details about the exact file which was attacked, the form of the attack and the IP it originated from, and so on. This information will allow you to decide what actions you can take to increase the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial package from a third-party security provider we work with, but occasionally our administrators include their own rules also if they identify a new potential threat.