ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts the moment it detects them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a certain file that may result in getting access to the website triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it will protect even scripts which are not updated often as it can prevent attackers from using known exploits and security holes. Very detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the standard logs created by the Apache server, so you may later take a look at them and decide if you need to take more measures in order to enhance the protection of your script-driven sites.

ModSecurity in Web Hosting

ModSecurity can be found with every single web hosting plan that we offer and it is switched on by default for every domain or subdomain which you add via your Hepsia Control Panel. In case it interferes with any of your programs or you would like to disable it for any reason, you shall be able to do that through the ModSecurity area of Hepsia with merely a click. You may also enable a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You can view comprehensive logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max security of our clients we use a group of commercial firewall rules blended with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity as a standard inside all semi-dedicated server products, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any website with a mouse click. You shall also be able to activate a passive detection mode through which ModSecurity shall maintain a log of potential attacks without really preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack generated, where it came from, etcetera. The list of rules that we use is regularly updated in order to match any new threats that could appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones which our administrators include in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the machine, so there shall not be anything special which you'll have to do to protect your websites. It shall take you only a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to tackle it, etc. We use a mixture of commercial and custom rules so as to ensure that ModSecurity will prevent as many risks as possible, consequently enhancing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to employ it as it is turned on by default each time you include a new domain or subdomain on your server. If it disrupts some of your applications, you'll be able to stop it through the respective area of Hepsia, or you may leave it in passive mode, so it'll identify attacks and will still keep a log for them, but won't block them. You'll be able to analyze the logs later to learn what you can do to boost the security of your websites as you'll find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules we employ are commercial, thus they are frequently updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then as to deal with any new threats they have found.