ModSecurity is an efficient firewall for Apache web servers that is used to prevent attacks towards web applications. It tracks the HTTP traffic to a particular website in real time and prevents any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do this - for example, attempting to log in to a script admin area without success many times triggers one rule, sending a request to execute a particular file that could result in getting access to the site triggers a different rule, and so forth. ModSecurity is among the best firewalls available on the market and it'll protect even scripts that are not updated frequently because it can prevent attackers from employing known exploits and security holes. Very comprehensive data about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the conventional logs generated by the Apache server, so you can later take a look at them and determine if you need to take more measures in order to enhance the protection of your script-driven sites.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting solutions, so your Internet apps shall be resistant to malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you will be able to stop it using the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll discover in Hepsia are quite detailed and include info about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etc. We use a set of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web program which you set up inside your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting plans and is activated by default for any domain and subdomain which you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not only can you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall won't stop anything, but it shall still maintain an archive of possible attacks. This requires only a mouse click and you will be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, etc. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually in order to respond to newly discovered threats at the earliest opportunity.

ModSecurity in VPS Servers

Safety is vital to us, so we set up ModSecurity on all VPS servers that are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you won't need to do anything personally. You'll also be able to disable it or switch on the so-called detection mode, so it shall maintain a log of potential attacks which you can later analyze, but won't stop them. The logs in both passive and active modes offer details regarding the type of the attack and how it was eliminated, what IP it came from and other important information that might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules we get for ModSecurity from a third-party security enterprise, we also use our own rules because from time to time we discover specific attacks which are not yet present inside the commercial package. This way, we can easily enhance the security of your VPS instantly as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any application you upload or install will be secured from the very beginning and you'll not have to bother about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall discover in the logs can easily allow you to to secure your websites better - the IP address an attack came from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you could see whether a website needs an update, whether you should block IPs from accessing your web server, and so on. Besides the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too when they find a new threat that is not yet a part of the commercial bundle.