ModSecurity is an efficient firewall for Apache web servers which is employed to stop attacks toward web applications. It monitors the HTTP traffic to a certain website in real time and prevents any intrusion attempts the moment it detects them. The firewall relies on a set of rules to accomplish that - for example, trying to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a certain file that may result in getting access to the Internet site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls available and it'll secure even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the conventional logs provided by the Apache server, so you could later take a look at them and decide whether you need to take additional measures in order to enhance the security of your script-driven websites.

ModSecurity in Shared Web Hosting

We provide ModSecurity with all shared web hosting solutions, so your Internet apps shall be resistant to destructive attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you will be able to stop it via the respective section of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll discover within Hepsia are incredibly detailed and offer info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We employ a group of commercial rules which are often updated, but sometimes our admins include custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We've integrated ModSecurity by default inside all semi-dedicated hosting products, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to enable or disable the firewall for any Internet site with a click. You shall also be able to activate a passive detection mode through which ModSecurity will maintain a log of potential attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules we employ is constantly updated in order to match any new risks which might appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones that our admins include if they discover a threat that's not present in the commercial list yet.

ModSecurity in VPS

Safety is extremely important to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't have to do anything manually. You will also be able to disable it or turn on the so-called detection mode, so it'll maintain a log of possible attacks you can later study, but shall not block them. The logs in both passive and active modes contain info regarding the form of the attack and how it was eliminated, what IP it came from and other useful data that could help you to tighten the security of your websites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security company, we also implement our own rules as once in a while we identify specific attacks which aren't yet present inside the commercial group. This way, we can increase the protection of your VPS instantly instead of waiting for a certified update.

ModSecurity in Dedicated Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. In the event that a web app does not operate adequately, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any possible attack which could take place, but won't take any action to prevent it. The logs generated in passive or active mode shall give you more details about the exact file that was attacked, the type of the attack and the IP address it originated from, and so on. This info will permit you to decide what steps you can take to increase the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security company we work with, but from time to time our administrators add their own rules also in the event that they discover a new potential threat.