ModSecurity is a powerful firewall for Apache web servers that is used to prevent attacks towards web applications. It tracks the HTTP traffic to a particular site in real time and blocks any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do that - as an illustration, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a particular file which could result in getting access to the site triggers another rule, and so on. ModSecurity is one of the best firewalls on the market and it'll preserve even scripts which aren't updated on a regular basis because it can prevent attackers from using known exploits and security holes. Very comprehensive info about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more comprehensive than the regular logs generated by the Apache server, so you may later analyze them and determine if you need to take extra measures in order to improve the safety of your script-driven sites.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting solutions, so your web apps will be protected against malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll find in Hepsia are quite detailed and include information about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so forth. We employ a set of commercial rules which are regularly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you choose to host your websites with our company, there shall not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains which you include via your hosting CP. If required, you'll be able to disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall will still operate and record info, but will not do anything to stop possible attacks on your websites. Comprehensive logs shall be accessible inside your CP and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etcetera. We use 2 types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones that our administrators often add to respond to newly discovered risks on time.

ModSecurity in VPS

Protection is of the utmost importance to us, so we set up ModSecurity on all virtual private servers which are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you include a new domain or create a subdomain, so you'll not need to do anything manually. You shall also be able to disable it or switch on the so-called detection mode, so it'll maintain a log of possible attacks that you can later examine, but shall not block them. The logs in both passive and active modes include information regarding the form of the attack and how it was stopped, what IP address it came from and other valuable data which could help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also use our own rules because from time to time we find specific attacks that are not yet present inside the commercial pack. That way, we can easily boost the security of your VPS instantly instead of awaiting an official update.

ModSecurity in Dedicated Hosting

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In the event that a web application doesn't function correctly, you can either disable the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any potential attack which may occur, but will not take any action to stop it. The logs created in passive or active mode shall provide you with more details about the exact file that was attacked, the type of the attack and the IP it originated from, and so on. This info will permit you to determine what measures you can take to boost the safety of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial package from a third-party security enterprise we work with, but from time to time our staff include their own rules as well if they identify a new potential threat.