ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks against web applications. It keeps track of the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script administrator area unsuccessfully many times activates one rule, sending a request to execute a certain file which may result in getting access to the site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it'll preserve even scripts that aren't updated frequently because it can prevent attackers from using known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs generated by the Apache server, so you may later examine them and determine if you need to take extra measures so as to improve the safety of your script-driven Internet sites.

ModSecurity in Web Hosting

ModSecurity comes standard with all web hosting plans that we provide and it'll be turned on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and deactivate it with only a click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your websites will feature detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and include both commercial ones we get from a third-party security firm and custom ones our system administrators include in the event that they detect a new sort of attacks. In this way, the Internet sites you host here will be far more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you decide to host your websites with us, there won't be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains which you include through your hosting CP. If needed, you can disable ModSecurity for a certain Internet site or turn on the so-called detection mode in which case the firewall will still operate and record data, but will not do anything to prevent potential attacks against your Internet sites. In depth logs shall be available in your Control Panel and you'll be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We use two types of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones which our admins often add to respond to newly identified risks promptly.

ModSecurity in VPS Servers

Security is extremely important to us, so we install ModSecurity on all VPS servers that are made available with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything personally. You shall also be able to deactivate it or switch on the so-called detection mode, so it will maintain a log of possible attacks which you can later study, but will not block them. The logs in both passive and active modes offer information about the kind of the attack and how it was stopped, what IP it came from and other useful info which may help you to tighten the security of your websites by updating them or blocking IPs, for instance. In addition to the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules since from time to time we identify specific attacks which aren't yet present inside the commercial pack. That way, we could improve the security of your VPS right away instead of waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to use it as it is enabled by default each time you include a new domain or subdomain on your hosting server. In the event that it disrupts any of your apps, you shall be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it'll identify attacks and shall still keep a log for them, but shall not stop them. You may examine the logs later to determine what you can do to enhance the protection of your sites since you'll find information such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules we use are commercial, hence they're frequently updated by a security firm, but to be on the safe side, our admins also add custom rules from time to time in order to deal with any new threats they have discovered.