ModSecurity is an effective firewall for Apache web servers that's used to stop attacks towards web applications. It keeps track of the HTTP traffic to a certain website in real time and stops any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do that - as an illustration, attempting to log in to a script admin area unsuccessfully many times activates one rule, sending a request to execute a particular file which may result in accessing the site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls available on the market and it will preserve even scripts that are not updated regularly as it can prevent attackers from employing known exploits and security holes. Incredibly detailed data about each and every intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the regular logs provided by the Apache server, so you could later examine them and decide whether you need to take extra measures in order to boost the security of your script-driven Internet sites.

ModSecurity in Cloud Web Hosting

ModSecurity can be found with every cloud web hosting solution that we provide and it is activated by default for every domain or subdomain that you include through your Hepsia Control Panel. In case it interferes with any of your apps or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with only a mouse click. You may also activate a passive mode, so the firewall will discover possible attacks and keep a log, but will not take any action. You can see extensive logs in the exact same section, including the IP address where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For max security of our customers we use a group of commercial firewall rules mixed with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard within all semi-dedicated server products, so your web applications will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any Internet site with a click. You will also be able to turn on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack generated, where it came from, and so on. The list of rules we use is constantly updated as to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones that our administrators add in case they discover a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting CP, so your web apps will be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you could deactivate it with a mouse click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it will maintain an extensive log of any possible attacks without taking any action to stop them. The logs are available in the exact same section and provide details about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not simply commercial rules from a firm operating in the field of web security, but also custom ones that our admins include personally in order to react to new threats which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. Just in case that a web app doesn't operate properly, you could either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may happen, but shall not take any action to stop it. The logs created in active or passive mode shall offer you additional details about the exact file which was attacked, the nature of the attack and the IP it came from, and so forth. This info shall permit you to determine what measures you can take to improve the protection of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial package from a third-party security company we work with, but oftentimes our administrators add their own rules also in the event that they identify a new potential threat.