ModSecurity is an effective firewall for Apache web servers that's used to stop attacks against web applications. It keeps track of the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script administrator area without success many times triggers one rule, sending a request to execute a certain file that could result in getting access to the website triggers a different rule, etc. ModSecurity is amongst the best firewalls around and it'll protect even scripts which are not updated regularly because it can prevent attackers from using known exploits and security holes. Quite detailed information about each intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the regular logs generated by the Apache server, so you may later analyze them and decide if you need to take extra measures in order to improve the safety of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting solutions which we supply and it'll be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could activate and disable it with a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites shall include in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are constantly updated and incorporate both commercial ones we get from a third-party security firm and custom ones that our system admins include in case that they detect a new type of attacks. This way, the Internet sites that you host here will be way more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server plans, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will permit you to activate or turn off the firewall for any website with a click. You will also be able to switch on a passive detection mode in which ModSecurity will maintain a log of potential attacks without really preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack generated, where it originated from, etcetera. The list of rules that we employ is frequently updated as to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our admins include in the event that they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia CP include ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the server, so there won't be anything special which you will have to do to protect your sites. It'll take you a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any actions to stop intrusions. You'll be able to see the logs produced in active or passive mode from the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to tackle it, etcetera. We employ a combination of commercial and custom rules so as to make certain that ModSecurity shall stop as many risks as possible, hence increasing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In case that a web application does not operate adequately, you may either disable the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any possible attack which might occur, but will not take any action to prevent it. The logs generated in active or passive mode will give you more details about the exact file that was attacked, the form of the attack and the IP address it originated from, etcetera. This data will allow you to determine what steps you can take to increase the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial bundle from a third-party security enterprise we work with, but occasionally our staff add their own rules also if they discover a new potential threat.