ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks against web applications. It keeps track of the HTTP traffic to a specific site in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script admin area unsuccessfully a few times activates one rule, sending a request to execute a certain file which could result in gaining access to the Internet site triggers a different rule, and so on. ModSecurity is one of the best firewalls available on the market and it will preserve even scripts that aren't updated often since it can prevent attackers from using known exploits and security holes. Incredibly thorough info about every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs created by the Apache server, so you could later take a look at them and decide if you need to take additional measures so as to boost the safety of your script-driven sites.

ModSecurity in Hosting

ModSecurity comes by default with all hosting plans that we provide and it'll be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites shall include elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and incorporate both commercial ones that we get from a third-party security firm and custom ones our system admins add in the event that they detect a new kind of attacks. In this way, the websites you host here shall be a lot more protected with no action expected on your end.

ModSecurity in Semi-dedicated Servers

Any web application which you set up in your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain which you add or create via your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall shall not block anything, but it shall still keep an archive of possible attacks. This requires only a click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one which our administrators update personally as to respond to newly discovered threats immediately.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web programs will be secured from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you'll be able to disable it with a click of your mouse from the corresponding section of Hepsia. You can also set it to operate in detection mode, so it will maintain a detailed log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and offer details about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For maximum security, we use not just commercial rules from a business operating in the field of web security, but also custom ones our administrators include personally in order to react to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. In case that a web app doesn't function correctly, you can either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any possible attack which could occur, but will not take any action to prevent it. The logs created in passive or active mode will give you more details about the exact file which was attacked, the form of the attack and the IP it came from, etc. This information will allow you to decide what measures you can take to increase the safety of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial package from a third-party security company we work with, but from time to time our administrators include their own rules too in the event that they discover a new potential threat.