ModSecurity is an efficient firewall for Apache web servers which is employed to stop attacks towards web apps. It monitors the HTTP traffic to a given site in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - for example, attempting to log in to a script admin area unsuccessfully a few times sets off one rule, sending a request to execute a particular file that may result in getting access to the Internet site triggers a different rule, etc. ModSecurity is amongst the best firewalls around and it'll protect even scripts that are not updated often since it can prevent attackers from using known exploits and security holes. Quite detailed data about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the regular logs created by the Apache server, so you could later analyze them and determine whether you need to take additional measures so as to improve the safety of your script-driven sites.

ModSecurity in Shared Website Hosting

ModSecurity comes by default with all shared website hosting solutions which we offer and it will be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and disable it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your Internet sites shall include detailed information including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are regularly updated and include both commercial ones which we get from a third-party security firm and custom ones that our system admins add in case that they detect a new sort of attacks. That way, the sites that you host here will be way more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer feature ModSecurity and given that the firewall is turned on by default, any site that you build under a domain or a subdomain will be protected right from the start. A separate section in the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to start and stop the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all information in a log as if it were fully active. The logs could be found inside the very same section of the Control Panel and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we employ on our web servers are a mix between commercial ones from a security company and custom ones developed by our system administrators. As a result, we offer increased security for your web applications as we can shield them from attacks even before security companies release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers which we offer and it shall be activated automatically for any new domain or subdomain that you include on the hosting server. That way, any web application which you install shall be protected right from the start without doing anything manually on your end. The firewall can be managed from the section of the CP that has the same name. This is the location whereyou can turn off ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still maintain a thorough log. The recorded info is available in the same section as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a mix between commercial ones we obtain from a security organization and custom ones which are included by our administrators to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. Just in case that a web application doesn't function adequately, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any potential attack that may happen, but won't take any action to stop it. The logs generated in active or passive mode will offer you additional details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so forth. This information will allow you to decide what steps you can take to boost the safety of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial bundle from a third-party security company we work with, but occasionally our staff add their own rules as well in case they discover a new potential threat.