ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks toward web applications. It monitors the HTTP traffic to a certain website in real time and prevents any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - for instance, trying to log in to a script administrator area unsuccessfully several times activates one rule, sending a request to execute a specific file that could result in getting access to the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls on the market and it will preserve even scripts which aren't updated frequently since it can prevent attackers from using known exploits and security holes. Incredibly detailed information about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the conventional logs generated by the Apache server, so you may later take a look at them and determine if you need to take additional measures in order to increase the safety of your script-driven websites.

ModSecurity in Cloud Hosting

ModSecurity is available with every cloud hosting package which we provide and it is turned on by default for every domain or subdomain that you add via your Hepsia Control Panel. If it interferes with any of your apps or you would like to disable it for some reason, you shall be able to achieve that through the ModSecurity section of Hepsia with only a mouse click. You can also activate a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You could view detailed logs in the same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so forth. For max safety of our clients we use a collection of commercial firewall rules combined with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Servers

We have incorporated ModSecurity by default inside all semi-dedicated server products, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any website with a click. You'll also be able to activate a passive detection mode in which ModSecurity will maintain a log of potential attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack triggered, where it came from, and so forth. The list of rules that we use is constantly updated in order to match any new threats which may appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones that our administrators include in case they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers that we offer and it'll be activated automatically for any new domain or subdomain which you include on the machine. That way, any web app which you install shall be secured right from the start without doing anything by hand on your end. The firewall can be handled via the section of the CP that has the same name. This is the place in whichyou could disable ModSecurity or enable its passive mode, so it shall not take any action toward threats, but shall still maintain a comprehensive log. The recorded info is available inside the same area as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a blend between commercial ones which we get from a security company and custom ones which are added by our staff to maximize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the web server. In the event that a web application doesn't work properly, you can either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack that might take place, but will not take any action to prevent it. The logs produced in active or passive mode will provide you with more details about the exact file which was attacked, the type of the attack and the IP it originated from, etcetera. This data will permit you to choose what measures you can take to boost the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security provider we work with, but oftentimes our staff include their own rules too if they come across a new potential threat.