ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks toward web apps. It tracks the HTTP traffic to a specific Internet site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - as an illustration, trying to log in to a script administrator area without success a few times triggers one rule, sending a request to execute a specific file that may result in gaining access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls around and it'll preserve even scripts that aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite comprehensive information about every intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs provided by the Apache server, so you could later analyze them and decide whether you need to take extra measures in order to increase the protection of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages which we supply and it shall be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with just a click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites will feature comprehensive information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and consist of both commercial ones that we get from a third-party security company and custom ones which our system admins include in case that they detect a new type of attacks. In this way, the sites which you host here will be far more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

Any web program you set up inside your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting packages and is turned on by default for any domain and subdomain that you include or create using your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you may also enable a passive mode, so the firewall won't block anything, but it'll still maintain an archive of potential attacks. This normally requires only a click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses 2 groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one that our administrators update manually in order to respond to recently discovered threats as soon as possible.

ModSecurity in VPS

Protection is vital to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia CP as a standard. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you add a new domain or create a subdomain, so you won't need to do anything personally. You shall also be able to disable it or activate the so-called detection mode, so it shall keep a log of potential attacks which you can later analyze, but won't stop them. The logs in both passive and active modes include information regarding the form of the attack and how it was prevented, what IP it came from and other important data that could help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security enterprise, we also employ our own rules because from time to time we find specific attacks which are not yet present in the commercial group. That way, we could boost the security of your Virtual private server immediately rather than waiting for an official update.

ModSecurity in Dedicated Hosting

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the server. In case that a web application doesn't function adequately, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that might happen, but will not take any action to prevent it. The logs generated in active or passive mode shall give you additional details about the exact file that was attacked, the type of the attack and the IP address it originated from, etcetera. This information shall permit you to determine what measures you can take to improve the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security enterprise we work with, but oftentimes our admins add their own rules also in case they discover a new potential threat.