ModSecurity is a highly effective firewall for Apache web servers which is used to prevent attacks toward web apps. It tracks the HTTP traffic to a particular website in real time and prevents any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script admin area unsuccessfully a few times sets off one rule, sending a request to execute a certain file that may result in gaining access to the Internet site triggers another rule, etc. ModSecurity is among the best firewalls available on the market and it'll preserve even scripts which aren't updated frequently because it can prevent attackers from using known exploits and security holes. Very thorough data about every intrusion attempt is recorded and the logs the firewall keeps are far more specific than the standard logs generated by the Apache server, so you may later analyze them and determine if you need to take additional measures in order to enhance the safety of your script-driven websites.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting packages which we supply and it'll be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and disable it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites will contain in-depth info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and incorporate both commercial ones that we get from a third-party security firm and custom ones that our system admins include in case that they detect a new kind of attacks. In this way, the sites that you host here will be much more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default within all semi-dedicated server packages, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to enable or turn off the firewall for any site with a mouse click. You shall also be able to turn on a passive detection mode with which ModSecurity will keep a log of possible attacks without really stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so forth. The list of rules which we use is constantly updated as to match any new threats that could appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our admins add in case they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

Security is of the utmost importance to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia CP as a standard. The firewall can be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you'll not have to do anything manually. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of potential attacks which you can later examine, but won't stop them. The logs in both passive and active modes contain information about the type of the attack and how it was prevented, what IP address it came from and other important info which may help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security enterprise, we also implement our own rules as every now and then we identify specific attacks which are not yet present in the commercial group. This way, we can easily improve the protection of your VPS promptly rather than awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you won't need to do anything specific on your end to use it as it is enabled by default every time you add a new domain or subdomain on your server. If it interferes with any of your programs, you shall be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it will identify attacks and will still keep a log for them, but will not prevent them. You could analyze the logs later to determine what you can do to improve the protection of your Internet sites since you will find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, etc. The rules that we use are commercial, therefore they are frequently updated by a security company, but to be on the safe side, our admins also add custom rules occasionally as to deal with any new threats they have identified.