ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks toward web applications. It keeps track of the HTTP traffic to a given website in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script admin area unsuccessfully several times activates one rule, sending a request to execute a specific file which may result in gaining access to the Internet site triggers a different rule, and so on. ModSecurity is one of the best firewalls out there and it'll secure even scripts that are not updated often because it can prevent attackers from using known exploits and security holes. Very comprehensive info about every single intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the conventional logs created by the Apache server, so you may later analyze them and decide whether you need to take additional measures so as to enhance the safety of your script-driven websites.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting plans, so your web applications shall be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall discover in Hepsia are very detailed and include information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We use a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web application which you install inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain you add or create via your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall won't block anything, but it will still keep an archive of potential attacks. This requires simply a click and you will be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall employs two sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our administrators update manually as to respond to newly discovered threats as soon as possible.

ModSecurity in VPS

All virtual private servers that are set up with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there will not be anything special that you'll need to do to protect your sites. It will take you just a click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any actions to prevent intrusions. You shall be able to look at the logs produced in passive or active mode through the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall used to deal with it, and so forth. We employ a mix of commercial and custom rules so as to ensure that ModSecurity will block out as many threats as possible, hence improving the protection of your web apps as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the web server. Just in case that a web application doesn't work adequately, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any potential attack that may take place, but won't take any action to stop it. The logs created in passive or active mode will give you more details about the exact file that was attacked, the form of the attack and the IP address it originated from, etcetera. This data will permit you to choose what actions you can take to improve the protection of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial bundle from a third-party security enterprise we work with, but sometimes our staff include their own rules too in case they come across a new potential threat.