ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks against web apps. It keeps track of the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - as an illustration, attempting to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a specific file that may result in getting access to the website triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it'll secure even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs created by the Apache server, so you can later examine them and decide whether you need to take additional measures in order to boost the safety of your script-driven websites.

ModSecurity in Hosting

ModSecurity can be found with each hosting package that we offer and it is turned on by default for every domain or subdomain that you add through your Hepsia CP. If it interferes with any of your apps or you'd like to disable it for whatever reason, you will be able to do this through the ModSecurity area of Hepsia with only a mouse click. You could also enable a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You could view extensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so on. For maximum protection of our clients we use a set of commercial firewall rules combined with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard within all semi-dedicated server products, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a click. You will also be able to turn on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it originated from, and so on. The list of rules we employ is constantly updated as to match any new risks which could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our administrators add if they find a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain you include on the server. That way, any web app you install will be secured right away without doing anything by hand on your end. The firewall could be handled through the section of the Control Panel that bears the same name. This is the location in whichyou can switch off ModSecurity or let its passive mode, so it won't take any action against threats, but shall still maintain a detailed log. The recorded data is available in the same section as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a mix between commercial ones that we get from a security company and custom ones that are added by our administrators to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the hosting server. Just in case that a web app doesn't operate correctly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may occur, but won't take any action to stop it. The logs created in active or passive mode shall offer you additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etcetera. This data will permit you to decide what steps you can take to enhance the protection of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial package from a third-party security firm we work with, but occasionally our staff include their own rules also in the event that they discover a new potential threat.