ModSecurity is an effective firewall for Apache web servers that is used to stop attacks toward web applications. It tracks the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script administration area without success several times activates one rule, sending a request to execute a certain file which could result in accessing the Internet site triggers another rule, and so forth. ModSecurity is amongst the best firewalls around and it will protect even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Quite detailed info about every intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the standard logs created by the Apache server, so you can later analyze them and decide if you need to take additional measures in order to boost the safety of your script-driven Internet sites.

ModSecurity in Website Hosting

ModSecurity is available on all website hosting web servers, so when you opt to host your sites with our firm, they will be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs through your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our clients' Internet sites very seriously, we employ a group of commercial rules which we get from one of the best companies that maintain this type of rules. Our administrators also add custom rules to make certain that your Internet sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you choose to host your websites with our company, there shall not be anything special you will have to do as the firewall is turned on by default for all domains and subdomains which you include via your hosting Control Panel. If required, you could disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to stop potential attacks against your websites. Thorough logs will be readily available inside your CP and you shall be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We use two types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones which our admins sometimes include to respond to newly found threats on time.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web apps shall be protected from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can disable it with a click of your mouse through the corresponding section of Hepsia. You may also set it to work in detection mode, so it will maintain an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the exact same section and provide info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we use not only commercial rules from a firm working in the field of web security, but also custom ones which our administrators add personally so as to react to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the server. In the event that a web app doesn't operate adequately, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack that could take place, but shall not take any action to stop it. The logs created in active or passive mode shall offer you more details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so forth. This info will allow you to determine what steps you can take to improve the security of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security enterprise we work with, but from time to time our administrators include their own rules as well when they come across a new potential threat.