ModSecurity is a highly effective firewall for Apache web servers that is used to prevent attacks towards web applications. It tracks the HTTP traffic to a certain website in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administrator area unsuccessfully many times sets off one rule, sending a request to execute a certain file which could result in getting access to the Internet site triggers another rule, and so forth. ModSecurity is one of the best firewalls around and it'll preserve even scripts that aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Very thorough info about every single intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the conventional logs provided by the Apache server, so you could later take a look at them and determine if you need to take extra measures in order to improve the security of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity is supplied with all hosting servers, so when you choose to host your Internet sites with our business, they shall be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You'll be able to view specific logs using your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the safety of our customers' Internet sites very seriously, we employ a selection of commercial rules which we get from one of the top firms that maintain such rules. Our administrators also add custom rules to make sure that your sites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

Any web program you install within your new semi-dedicated server account shall be protected by ModSecurity because the firewall is provided with all our hosting packages and is switched on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it completely, but you can also enable a passive mode, so the firewall shall not stop anything, but it shall still maintain an archive of potential attacks. This normally requires simply a click and you will be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall uses two groups of rules on our servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally in order to respond to newly discovered threats as soon as possible.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers that we offer and it shall be turned on automatically for any new domain or subdomain that you add on the server. In this way, any web app that you install shall be secured from the very beginning without doing anything manually on your end. The firewall may be managed from the section of the CP that bears the same name. This is the location in whichyou could disable ModSecurity or let its passive mode, so it shall not take any action against threats, but shall still maintain a detailed log. The recorded info is available inside the same section as well and you'll be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we use on our servers are a combination between commercial ones which we get from a security firm and custom ones which are added by our admins to maximize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the hosting server. Just in case that a web app doesn't operate adequately, you can either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may happen, but won't take any action to prevent it. The logs produced in active or passive mode shall give you additional details about the exact file that was attacked, the form of the attack and the IP address it originated from, and so on. This info will allow you to decide what measures you can take to improve the security of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security company we work with, but from time to time our staff add their own rules too if they find a new potential threat.