ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks against web applications. It keeps track of the HTTP traffic to a particular site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script administrator area without success many times sets off one rule, sending a request to execute a particular file which may result in accessing the Internet site triggers another rule, etc. ModSecurity is one of the best firewalls around and it'll secure even scripts that aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Incredibly detailed data about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs created by the Apache server, so you can later take a look at them and decide if you need to take extra measures so as to boost the safety of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

ModSecurity is offered with every single shared website hosting plan which we offer and it's switched on by default for every domain or subdomain that you add via your Hepsia Control Panel. In case it interferes with any of your programs or you'd like to disable it for any reason, you shall be able to do this through the ModSecurity area of Hepsia with just a click. You can also use a passive mode, so the firewall will detect potential attacks and keep a log, but won't take any action. You can view comprehensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For optimum protection of our clients we use a group of commercial firewall rules combined with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity by default within all semi-dedicated server packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to activate or disable the firewall for any website with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity shall maintain a log of potential attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack activated, where it came from, and so forth. The list of rules we use is frequently updated as to match any new threats that could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our administrators include in case they discover a threat which is not present inside the commercial list yet.

ModSecurity in VPS Servers

Protection is of the utmost importance to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of possible attacks you can later analyze, but shall not stop them. The logs in both passive and active modes contain info regarding the type of the attack and how it was eliminated, what IP address it originated from and other valuable info that may help you to tighten the security of your websites by updating them or blocking IPs, for example. Beyond the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules as occasionally we discover specific attacks that are not yet present inside the commercial pack. This way, we could enhance the protection of your Virtual private server promptly rather than awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the server. In the event that a web app doesn't function properly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall keep a log of any possible attack that may happen, but will not take any action to stop it. The logs produced in active or passive mode shall offer you more details about the exact file that was attacked, the type of the attack and the IP it came from, and so forth. This data will permit you to determine what actions you can take to enhance the security of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial bundle from a third-party security firm we work with, but from time to time our staff include their own rules as well in the event that they identify a new potential threat.