ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web apps. It tracks the HTTP traffic to a given site in real time and blocks any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administrator area without success many times sets off one rule, sending a request to execute a particular file which could result in accessing the website triggers a different rule, and so on. ModSecurity is one of the best firewalls available and it'll protect even scripts that are not updated regularly since it can prevent attackers from employing known exploits and security holes. Quite thorough data about each and every intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the standard logs created by the Apache server, so you can later take a look at them and determine if you need to take more measures so as to increase the protection of your script-driven sites.

ModSecurity in Cloud Web Hosting

ModSecurity is offered with every cloud web hosting plan which we offer and it is activated by default for any domain or subdomain that you include via your Hepsia CP. If it disrupts any of your programs or you would like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with only a click. You could also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You'll be able to view comprehensive logs in the same section, including the IP address where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum security of our customers we use a set of commercial firewall rules mixed with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard inside all semi-dedicated hosting plans, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall allow you to activate or disable the firewall for any site with a mouse click. You shall also have the ability to switch on a passive detection mode in which ModSecurity shall maintain a log of potential attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, etcetera. The list of rules we use is regularly updated as to match any new threats which might appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our administrators add if they find a threat that is not present in the commercial list yet.

ModSecurity in VPS

All virtual private servers which are provided with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the machine, so there shall not be anything special that you will have to do to protect your Internet sites. It'll take you a click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any steps to stop intrusions. You'll be able to see the logs produced in active or passive mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to tackle it, and so forth. We use a mix of commercial and custom rules in order to make sure that ModSecurity shall block as many risks as possible, thus enhancing the protection of your web apps as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In the event that a web app doesn't work correctly, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which may occur, but won't take any action to stop it. The logs created in active or passive mode shall present you with more details about the exact file which was attacked, the form of the attack and the IP address it came from, and so forth. This information will enable you to choose what measures you can take to enhance the safety of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security provider we work with, but from time to time our admins add their own rules too in the event that they discover a new potential threat.