ModSecurity is an efficient firewall for Apache web servers which is employed to prevent attacks against web apps. It keeps track of the HTTP traffic to a given Internet site in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script administrator area without success many times triggers one rule, sending a request to execute a certain file which may result in accessing the site triggers another rule, etcetera. ModSecurity is one of the best firewalls available and it'll preserve even scripts which aren't updated regularly as it can prevent attackers from employing known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the standard logs generated by the Apache server, so you could later take a look at them and determine if you need to take additional measures in order to boost the safety of your script-driven websites.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting packages that we provide and it'll be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and disable it with a click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to prevent them. The log for each of your sites shall feature elaborate information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and comprise of both commercial ones we get from a third-party security business and custom ones that our system administrators add in case that they detect a new type of attacks. In this way, the Internet sites you host here shall be far more protected with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you choose to host your sites with us, there won't be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains that you include via your hosting CP. If necessary, you could disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall shall still work and record info, but won't do anything to prevent potential attacks against your websites. Detailed logs will be accessible within your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ 2 types of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones which our admins occasionally add to respond to newly found risks in a timely manner.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web applications shall be secured from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a click via the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found in the very same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For best security, we employ not simply commercial rules from a firm operating in the field of web security, but also custom ones that our admins include personally so as to react to new threats that are still not tackled in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. Just in case that a web app does not work correctly, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which may occur, but will not take any action to prevent it. The logs generated in active or passive mode will provide you with more details about the exact file that was attacked, the form of the attack and the IP it originated from, etcetera. This information will allow you to decide what steps you can take to increase the safety of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security enterprise we work with, but oftentimes our staff include their own rules too when they discover a new potential threat.