ModSecurity is a powerful firewall for Apache web servers that is employed to prevent attacks towards web apps. It monitors the HTTP traffic to a particular site in real time and blocks any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do that - as an example, trying to log in to a script administration area without success many times activates one rule, sending a request to execute a particular file that may result in gaining access to the website triggers another rule, etc. ModSecurity is one of the best firewalls around and it will protect even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Very thorough data about every single intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the regular logs created by the Apache server, so you can later analyze them and determine if you need to take additional measures in order to increase the protection of your script-driven sites.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting plans, so your Internet apps shall be shielded from malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it through the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll discover within Hepsia are extremely detailed and offer info about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, and so on. We use a range of commercial rules which are constantly updated, but sometimes our admins include custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web app that you set up within your new semi-dedicated server account will be protected by ModSecurity since the firewall comes with all our hosting plans and is switched on by default for any domain and subdomain which you add or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it fully, but you could also activate a passive mode, so the firewall shall not block anything, but it will still maintain a record of potential attacks. This requires just a click and you will be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, and so forth. The firewall uses two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update personally as to respond to newly discovered threats as fast as possible.

ModSecurity in VPS Servers

Security is vital to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia Control Panel by default. The firewall could be managed via a dedicated section within Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you'll not need to do anything personally. You shall also be able to disable it or activate the so-called detection mode, so it will maintain a log of potential attacks that you can later examine, but will not block them. The logs in both passive and active modes contain details about the type of the attack and how it was stopped, what IP it originated from and other useful data that might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules as once in a while we find specific attacks which are not yet present in the commercial package. That way, we can enhance the protection of your VPS immediately rather than waiting for an official update.

ModSecurity in Dedicated Servers

If you opt to host your websites on a dedicated server with the Hepsia CP, your web apps will be secured right away because ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall effortlessly and if needed, you shall be able to turn it off or enable its passive mode when it will only keep a log of what is going on without taking any action to prevent potential attacks. The logs which you will find in the exact same section of the Control Panel are incredibly detailed and include information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so on. This information will allow you to take measures and improve the security of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators add whenever they identify attacks that have not yet been included in the commercial pack.