ModSecurity is an efficient firewall for Apache web servers which is employed to prevent attacks against web apps. It keeps track of the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success several times triggers one rule, sending a request to execute a certain file that may result in gaining access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls available on the market and it'll preserve even scripts which are not updated frequently since it can prevent attackers from employing known exploits and security holes. Very thorough data about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the standard logs provided by the Apache server, so you could later analyze them and decide whether you need to take additional measures in order to enhance the security of your script-driven sites.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting solutions which we supply and it shall be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to activate and disable it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites will include detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are frequently updated and consist of both commercial ones we get from a third-party security company and custom ones which our system administrators include in case that they detect a new type of attacks. That way, the Internet sites that you host here shall be a lot more protected with no action needed on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you opt to host your sites with our company, there shall not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains that you add using your hosting CP. If necessary, you could disable ModSecurity for a given site or turn on the so-called detection mode in which case the firewall will still operate and record info, but will not do anything to prevent possible attacks on your websites. Thorough logs shall be readily available in your Control Panel and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so forth. We use 2 sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our administrators often add to respond to newly discovered threats on time.

ModSecurity in VPS Servers

Safety is essential to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia CP by default. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not have to do anything personally. You shall also be able to deactivate it or switch on the so-called detection mode, so it will keep a log of possible attacks which you can later analyze, but will not stop them. The logs in both passive and active modes include information about the type of the attack and how it was stopped, what IP it came from and other valuable data that might help you to tighten the security of your websites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules since once in a while we find specific attacks which aren't yet present in the commercial package. That way, we can boost the security of your Virtual private server promptly as opposed to waiting for a certified update.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you'll not need to do anything specific on your end to employ it since it's turned on by default every time you add a new domain or subdomain on your server. If it disrupts some of your programs, you shall be able to stop it through the respective area of Hepsia, or you can leave it operating in passive mode, so it shall detect attacks and will still maintain a log for them, but won't block them. You may examine the logs later to find out what you can do to increase the protection of your Internet sites as you will find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules which we employ are commercial, therefore they're regularly updated by a security provider, but to be on the safe side, our admins also add custom rules from time to time as to react to any new threats they have found.