ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks against web applications. It monitors the HTTP traffic to a specific Internet site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script admin area without success a few times triggers one rule, sending a request to execute a certain file that could result in gaining access to the site triggers another rule, and so forth. ModSecurity is amongst the best firewalls available on the market and it will protect even scripts which aren't updated often since it can prevent attackers from using known exploits and security holes. Incredibly detailed information about each intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs created by the Apache server, so you may later examine them and decide whether you need to take more measures so as to enhance the protection of your script-driven sites.

ModSecurity in Cloud Website Hosting

ModSecurity can be found with every cloud website hosting package that we provide and it's activated by default for any domain or subdomain which you add through your Hepsia CP. In the event that it interferes with any of your applications or you would like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity section of Hepsia with simply a click. You may also activate a passive mode, so the firewall will identify potential attacks and keep a log, but won't take any action. You'll be able to see detailed logs in the exact same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For max security of our clients we use a set of commercial firewall rules mixed with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Servers

Any web application that you install in your new semi-dedicated server account will be protected by ModSecurity because the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain that you add or create using your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not simply can you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall won't block anything, but it shall still keep an archive of potential attacks. This normally requires just a click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall employs 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one which our admins update manually as to respond to newly discovered risks as soon as possible.

ModSecurity in VPS Servers

Protection is essential to us, so we set up ModSecurity on all VPS servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything by hand. You will also be able to disable it or turn on the so-called detection mode, so it will keep a log of possible attacks that you can later analyze, but will not block them. The logs in both passive and active modes offer info about the kind of the attack and how it was eliminated, what IP it originated from and other valuable info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules because from time to time we find specific attacks which are not yet present in the commercial group. This way, we can easily boost the protection of your Virtual private server in a timely manner as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting CP come with ModSecurity, so any program that you upload or install will be properly secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you shall find in the logs shall enable you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you could see if an Internet site needs an update, if you need to block IPs from accessing your server, and so forth. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well every time they come across a new threat which is not yet a part of the commercial bundle.