ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks against web applications. It keeps track of the HTTP traffic to a certain Internet site in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script admin area unsuccessfully many times activates one rule, sending a request to execute a certain file that may result in gaining access to the site triggers another rule, etcetera. ModSecurity is one of the best firewalls available on the market and it will protect even scripts that aren't updated frequently since it can prevent attackers from using known exploits and security holes. Very comprehensive information about each intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the standard logs provided by the Apache server, so you could later take a look at them and determine whether you need to take additional measures in order to increase the security of your script-driven websites.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting plans, so your web applications will be protected against malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall discover within Hepsia are incredibly detailed and feature data about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etcetera. We use a range of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to better protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and since the firewall is enabled by default, any Internet site you build under a domain or a subdomain shall be secured straight away. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to stop and start the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still detect possible attacks and will keep all info within a log as if it were completely active. The logs can be found inside the exact same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we use on our machines are a mix of commercial ones from a security firm and custom ones created by our system admins. As a result, we provide increased security for your web programs as we can protect them from attacks before security firms release updates for new threats.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there won't be anything special that you'll have to do to protect your sites. It shall take you simply a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You will be able to see the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to take care of it, etc. We use a combination of commercial and custom rules so as to ensure that ModSecurity will block out as many threats as possible, hence increasing the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web application does not function correctly, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack that might take place, but shall not take any action to prevent it. The logs generated in passive or active mode shall present you with additional details about the exact file which was attacked, the type of the attack and the IP it came from, etc. This data will allow you to decide what actions you can take to boost the safety of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial pack from a third-party security firm we work with, but occasionally our staff add their own rules too when they find a new potential threat.