ModSecurity is an effective firewall for Apache web servers that is used to stop attacks towards web applications. It keeps track of the HTTP traffic to a specific site in real time and stops any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for instance, trying to log in to a script admin area without success several times triggers one rule, sending a request to execute a particular file which may result in getting access to the website triggers another rule, etcetera. ModSecurity is amongst the best firewalls around and it will preserve even scripts that are not updated regularly since it can prevent attackers from employing known exploits and security holes. Quite comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the standard logs generated by the Apache server, so you may later examine them and decide whether you need to take more measures so as to improve the protection of your script-driven sites.

ModSecurity in Web Hosting

ModSecurity comes standard with all web hosting plans which we provide and it shall be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and deactivate it with simply a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for each of your websites will contain comprehensive info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are constantly updated and consist of both commercial ones which we get from a third-party security firm and custom ones that our system admins include in case that they detect a new sort of attacks. In this way, the Internet sites you host here shall be a lot more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer include ModSecurity and because the firewall is switched on by default, any Internet site that you set up under a domain or a subdomain will be protected immediately. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it shall still detect possible attacks and shall keep all info within a log as if it were completely active. The logs could be found inside the same section of the CP and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules that we employ on our web servers are a mix of commercial ones from a security firm and custom ones developed by our system administrators. Consequently, we provide higher security for your web apps as we can defend them from attacks even before security companies release updates for completely new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web programs will be secured from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you could disable it with a click of your mouse through the corresponding section of Hepsia. You can also set it to work in detection mode, so it shall maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available inside the exact same section and provide information regarding the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not only commercial rules from a company working in the field of web security, but also custom ones that our administrators include manually in order to respond to new risks which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In the event that a web app does not operate correctly, you could either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack that could occur, but will not take any action to stop it. The logs produced in active or passive mode will offer you additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, etc. This info shall enable you to determine what actions you can take to increase the safety of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated often with a commercial package from a third-party security firm we work with, but sometimes our admins add their own rules also in case they discover a new potential threat.