ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks against web applications. It monitors the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administrator area without success many times activates one rule, sending a request to execute a certain file that may result in gaining access to the website triggers a different rule, and so on. ModSecurity is among the best firewalls out there and it will secure even scripts that are not updated often because it can prevent attackers from using known exploits and security holes. Very thorough information about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more comprehensive than the standard logs provided by the Apache server, so you could later examine them and decide whether you need to take extra measures in order to increase the security of your script-driven sites.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting plans that we provide and it shall be activated automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can activate and disable it with simply a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your Internet sites shall contain detailed information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are regularly updated and consist of both commercial ones that we get from a third-party security company and custom ones our system admins add in case that they detect a new sort of attacks. That way, the websites you host here will be way more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web app that you install within your new semi-dedicated server account shall be protected by ModSecurity because the firewall comes with all our hosting packages and is activated by default for any domain and subdomain you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it fully, but you can also enable a passive mode, so the firewall shall not block anything, but it will still maintain an archive of potential attacks. This takes only a mouse click and you'll be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall uses two groups of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update manually as to respond to newly discovered threats as quickly as possible.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting Control Panel, so your web programs shall be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you'll be able to deactivate it with a mouse click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it will maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found within the very same section and provide information about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For optimum security, we use not just commercial rules from a firm working in the field of web security, but also custom ones that our administrators include manually so as to respond to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. Just in case that a web app does not operate properly, you could either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which may take place, but shall not take any action to prevent it. The logs produced in active or passive mode will present you with more details about the exact file which was attacked, the nature of the attack and the IP address it came from, and so on. This info shall enable you to decide what steps you can take to boost the protection of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial bundle from a third-party security enterprise we work with, but oftentimes our admins include their own rules also when they identify a new potential threat.