ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks towards web applications. It monitors the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - for example, attempting to log in to a script admin area unsuccessfully a few times sets off one rule, sending a request to execute a particular file which may result in gaining access to the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls on the market and it will preserve even scripts that are not updated regularly because it can prevent attackers from employing known exploits and security holes. Incredibly thorough information about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs created by the Apache server, so you could later take a look at them and decide whether you need to take more measures so as to boost the safety of your script-driven sites.

ModSecurity in Cloud Web Hosting

ModSecurity comes standard with all cloud web hosting plans which we provide and it will be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will feature comprehensive information including the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are frequently updated and comprise of both commercial ones that we get from a third-party security firm and custom ones which our system admins add in the event that they detect a new type of attacks. This way, the sites that you host here shall be way more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer include ModSecurity and given that the firewall is turned on by default, any Internet site you build under a domain or a subdomain will be secured right away. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity will not take any action, but it will still recognize possible attacks and will keep all info inside a log as if it were 100% active. The logs can be found in the exact same section of the CP and they feature details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we use on our machines are a mix between commercial ones from a security business and custom ones developed by our system admins. Consequently, we provide increased security for your web apps as we can shield them from attacks before security businesses release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be turned on automatically for every new domain or subdomain which you add on the hosting server. This way, any web app that you install shall be secured right from the start without doing anything by hand on your end. The firewall could be managed through the section of the CP that has the same name. This is the area in whichyou can disable ModSecurity or activate its passive mode, so it won't take any action against threats, but shall still maintain a thorough log. The recorded info is available in the same area as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we employ on our servers are a blend between commercial ones we get from a security company and custom ones which are included by our admins to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In the event that a web application does not operate properly, you can either disable the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any possible attack that may occur, but won't take any action to stop it. The logs produced in passive or active mode will give you additional details about the exact file that was attacked, the form of the attack and the IP it came from, etc. This info shall allow you to decide what actions you can take to boost the protection of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial bundle from a third-party security enterprise we work with, but from time to time our staff include their own rules also in the event that they discover a new potential threat.