ModSecurity is an efficient firewall for Apache web servers that is employed to stop attacks against web applications. It tracks the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - as an example, attempting to log in to a script administrator area without success several times sets off one rule, sending a request to execute a particular file which may result in accessing the website triggers a different rule, etcetera. ModSecurity is among the best firewalls on the market and it will preserve even scripts which are not updated frequently because it can prevent attackers from employing known exploits and security holes. Quite comprehensive data about every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs created by the Apache server, so you can later examine them and determine whether you need to take more measures so as to increase the safety of your script-driven sites.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting solutions, so your Internet apps will be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it using the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you will find in Hepsia are very detailed and feature data about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We employ a group of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you choose to host your sites with our company, there will not be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains which you add via your hosting CP. If required, you'll be able to disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to prevent potential attacks against your sites. Thorough logs will be accessible inside your CP and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so forth. We use two kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our administrators occasionally add to respond to newly found risks promptly.

ModSecurity in VPS Servers

Security is very important to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia CP by default. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you won't need to do anything by hand. You shall also be able to deactivate it or turn on the so-called detection mode, so it shall keep a log of potential attacks you can later analyze, but will not stop them. The logs in both passive and active modes contain details about the kind of the attack and how it was stopped, what IP it came from and other important info which might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules as occasionally we discover specific attacks that are not yet present in the commercial group. That way, we could improve the security of your VPS instantly rather than awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you won't need to do anything specific on your end to use it since it is switched on by default every time you add a new domain or subdomain on your hosting server. In case it interferes with some of your applications, you'll be able to stop it via the respective section of Hepsia, or you may leave it in passive mode, so it will identify attacks and will still maintain a log for them, but shall not prevent them. You can examine the logs later to find out what you can do to improve the safety of your Internet sites since you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules we employ are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our admins also include custom rules from time to time in order to deal with any new threats they have found.