ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks toward web apps. It monitors the HTTP traffic to a particular website in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - for instance, attempting to log in to a script administration area without success several times activates one rule, sending a request to execute a certain file which may result in getting access to the website triggers another rule, etcetera. ModSecurity is amongst the best firewalls on the market and it will preserve even scripts which aren't updated on a regular basis because it can prevent attackers from using known exploits and security holes. Very comprehensive data about every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the standard logs created by the Apache server, so you can later take a look at them and decide if you need to take extra measures so as to improve the security of your script-driven Internet sites.

ModSecurity in Website Hosting

ModSecurity can be found with each and every website hosting plan which we offer and it is turned on by default for every domain or subdomain that you include via your Hepsia CP. If it disrupts any of your applications or you'd like to disable it for any reason, you shall be able to achieve that through the ModSecurity area of Hepsia with merely a click. You may also enable a passive mode, so the firewall will discover potential attacks and maintain a log, but won't take any action. You can see extensive logs in the very same section, including the IP address where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For max security of our clients we use a collection of commercial firewall rules combined with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you opt to host your Internet sites with us, there will not be anything special you will have to do given that the firewall is activated by default for all domains and subdomains that you include using your hosting Control Panel. If required, you could disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall shall still operate and record info, but won't do anything to stop possible attacks against your websites. Comprehensive logs will be accessible inside your CP and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, and so on. We use 2 types of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our admins often include to respond to newly identified threats on time.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting Control Panel, so your web apps shall be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can disable it with a mouse click from the corresponding section of Hepsia. You can also set it to function in detection mode, so it will keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found in the very same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For best security, we use not simply commercial rules from a business working in the field of web security, but also custom ones our admins include manually so as to respond to new threats that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install will be protected from the very beginning and you will not have to stress about common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you will see in the logs can enable you to to secure your sites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you could see if a website needs an update, whether you ought to block IPs from accessing your web server, etcetera. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well whenever they discover a new threat which is not yet a part of the commercial bundle.