ModSecurity is an effective firewall for Apache web servers that's used to stop attacks against web apps. It tracks the HTTP traffic to a given site in real time and stops any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to accomplish that - for example, trying to log in to a script administration area unsuccessfully several times activates one rule, sending a request to execute a particular file which may result in accessing the website triggers another rule, and so forth. ModSecurity is one of the best firewalls on the market and it'll preserve even scripts which are not updated frequently since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive information about each intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the standard logs created by the Apache server, so you may later take a look at them and decide whether you need to take additional measures in order to boost the protection of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

ModSecurity can be found with every single shared website hosting plan which we provide and it's switched on by default for every domain or subdomain that you include via your Hepsia CP. In the event that it interferes with any of your apps or you'd like to disable it for any reason, you shall be able to do that through the ModSecurity area of Hepsia with merely a click. You may also enable a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You can see detailed logs in the same section, including the IP where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For optimum protection of our clients we use a set of commercial firewall rules combined with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you choose to host your websites with us, there shall not be anything special you will have to do as the firewall is turned on by default for all domains and subdomains that you include through your hosting Control Panel. If necessary, you can disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still function and record information, but will not do anything to stop possible attacks on your sites. Comprehensive logs will be accessible in your CP and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones which our admins often add to respond to newly found threats promptly.

ModSecurity in VPS Servers

Protection is extremely important to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you won't have to do anything personally. You'll also be able to deactivate it or switch on the so-called detection mode, so it shall keep a log of potential attacks that you can later study, but will not block them. The logs in both passive and active modes include information regarding the form of the attack and how it was stopped, what IP address it came from and other valuable data which could help you to tighten the security of your websites by updating them or blocking IPs, as an example. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules because every now and then we discover specific attacks which aren't yet present in the commercial group. That way, we can enhance the protection of your Virtual private server in a timely manner as opposed to awaiting an official update.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or install will be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you'll discover in the logs shall allow you to to secure your websites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you can see if a website needs an update, if you ought to block IPs from accessing your server, etc. On top of the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well if they find a new threat that's not yet a part of the commercial bundle.