ModSecurity is an efficient firewall for Apache web servers which is used to stop attacks towards web apps. It monitors the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - as an example, trying to log in to a script administrator area without success several times sets off one rule, sending a request to execute a particular file which could result in getting access to the website triggers a different rule, and so forth. ModSecurity is among the best firewalls on the market and it will secure even scripts that aren't updated frequently because it can prevent attackers from using known exploits and security holes. Incredibly detailed info about each intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the standard logs created by the Apache server, so you could later take a look at them and determine whether you need to take more measures in order to improve the security of your script-driven sites.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting plans, so your web apps will be shielded from harmful attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll find inside Hepsia are extremely detailed and offer info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etc. We employ a range of commercial rules that are constantly updated, but sometimes our admins include custom rules as well so as to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you opt to host your websites with us, there won't be anything special you'll need to do given that the firewall is turned on by default for all domains and subdomains which you include through your hosting CP. If necessary, you can disable ModSecurity for a certain Internet site or switch on the so-called detection mode in which case the firewall shall still operate and record info, but shall not do anything to stop possible attacks against your websites. In depth logs shall be available in your Control Panel and you shall be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 types of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones that our administrators often include to respond to newly identified threats in a timely manner.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting Control Panel, so your web apps will be secured from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you could deactivate it with a click of your mouse through the corresponding section of Hepsia. You can also set it to operate in detection mode, so it will keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available within the same section and offer info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For maximum security, we employ not just commercial rules from a firm working in the field of web security, but also custom ones our administrators add manually so as to react to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In the event that a web app does not work correctly, you could either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any possible attack which might happen, but will not take any action to prevent it. The logs generated in active or passive mode will offer you additional details about the exact file which was attacked, the form of the attack and the IP address it came from, and so forth. This data will enable you to decide what measures you can take to enhance the protection of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial pack from a third-party security firm we work with, but from time to time our staff add their own rules as well in the event that they find a new potential threat.