ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks against web apps. It monitors the HTTP traffic to a given website in real time and prevents any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do that - as an example, trying to log in to a script administration area unsuccessfully a few times triggers one rule, sending a request to execute a certain file that may result in gaining access to the website triggers another rule, etc. ModSecurity is one of the best firewalls around and it will preserve even scripts that are not updated often because it can prevent attackers from using known exploits and security holes. Very detailed data about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the conventional logs created by the Apache server, so you may later take a look at them and determine if you need to take additional measures in order to improve the protection of your script-driven websites.

ModSecurity in Cloud Web Hosting

ModSecurity is available on all cloud web hosting machines, so if you decide to host your sites with our company, they shall be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs from your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the safety of our clients' Internet sites very seriously, we employ a collection of commercial rules that we take from one of the leading companies which maintain this kind of rules. Our admins also add custom rules to ensure that your websites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web application which you set up inside your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create using your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it completely, but you could also activate a passive mode, so the firewall shall not block anything, but it will still maintain a record of potential attacks. This requires just a click and you'll be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall uses 2 groups of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one which our admins update manually as to respond to newly discovered risks as fast as possible.

ModSecurity in VPS

Safety is vital to us, so we set up ModSecurity on all virtual private servers which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or create a subdomain, so you won't need to do anything by hand. You will also be able to disable it or switch on the so-called detection mode, so it shall keep a log of potential attacks you can later examine, but shall not stop them. The logs in both passive and active modes offer info regarding the type of the attack and how it was eliminated, what IP address it originated from and other valuable info which may help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules that we get for ModSecurity from a third-party security enterprise, we also implement our own rules because from time to time we identify specific attacks which aren't yet present inside the commercial package. That way, we could increase the protection of your VPS instantly rather than awaiting an official update.

ModSecurity in Dedicated Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. Just in case that a web app does not operate adequately, you could either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that may take place, but will not take any action to prevent it. The logs produced in passive or active mode shall give you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so forth. This information shall permit you to determine what measures you can take to improve the safety of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial package from a third-party security enterprise we work with, but sometimes our administrators add their own rules too in case they discover a new potential threat.