ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks against web apps. It tracks the HTTP traffic to a certain website in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - for example, trying to log in to a script administration area unsuccessfully a few times sets off one rule, sending a request to execute a specific file which may result in gaining access to the website triggers another rule, and so forth. ModSecurity is among the best firewalls out there and it'll protect even scripts that are not updated frequently as it can prevent attackers from employing known exploits and security holes. Very comprehensive data about every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the conventional logs generated by the Apache server, so you could later take a look at them and determine whether you need to take more measures so as to increase the safety of your script-driven sites.

ModSecurity in Hosting

ModSecurity comes standard with all hosting solutions that we supply and it shall be activated automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can activate and disable it with a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your websites will feature comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and include both commercial ones which we get from a third-party security company and custom ones which our system admins include in case that they detect a new sort of attacks. In this way, the Internet sites that you host here will be a lot more protected without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

Any web program that you set up in your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it fully, but you can also enable a passive mode, so the firewall shall not stop anything, but it'll still maintain a record of possible attacks. This normally requires only a click and you shall be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally as to respond to newly discovered risks as quickly as possible.

ModSecurity in VPS Web Hosting

Protection is essential to us, so we install ModSecurity on all virtual private servers that are set up with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section within Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not have to do anything by hand. You'll also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of possible attacks which you can later study, but won't block them. The logs in both passive and active modes contain info regarding the form of the attack and how it was eliminated, what IP it originated from and other important info which may help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules since once in a while we discover specific attacks that are not yet present within the commercial package. This way, we can improve the security of your Virtual private server right away as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. Just in case that a web application doesn't operate correctly, you could either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack which could occur, but will not take any action to prevent it. The logs created in passive or active mode will present you with more details about the exact file which was attacked, the type of the attack and the IP it came from, etc. This information shall allow you to choose what measures you can take to enhance the protection of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security enterprise we work with, but from time to time our administrators add their own rules also in case they find a new potential threat.