ModSecurity is an effective firewall for Apache web servers that is employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a particular Internet site in real time and prevents any intrusion attempts the moment it detects them. The firewall uses a set of rules to do that - for instance, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a specific file that could result in getting access to the site triggers another rule, etcetera. ModSecurity is one of the best firewalls available and it'll preserve even scripts which are not updated often as it can prevent attackers from using known exploits and security holes. Quite detailed info about each intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs provided by the Apache server, so you may later analyze them and determine whether you need to take extra measures in order to enhance the security of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting plans that we offer and it shall be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with simply a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites shall feature detailed information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and include both commercial ones we get from a third-party security company and custom ones which our system admins include in case that they detect a new type of attacks. This way, the sites you host here shall be way more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your sites with us, there shall not be anything special you'll need to do since the firewall is switched on by default for all domains and subdomains you include through your hosting Control Panel. If required, you could disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall will still function and record data, but won't do anything to stop potential attacks against your Internet sites. Detailed logs will be readily available within your Control Panel and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etc. We employ two types of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones that our administrators sometimes include to respond to newly found threats on time.

ModSecurity in VPS Servers

Security is very important to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section in Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything personally. You'll also be able to disable it or turn on the so-called detection mode, so it will maintain a log of potential attacks that you can later examine, but shall not stop them. The logs in both passive and active modes contain info about the type of the attack and how it was stopped, what IP it came from and other important information that might help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security enterprise, we also employ our own rules as occasionally we detect specific attacks which aren't yet present inside the commercial pack. That way, we could improve the security of your Virtual private server instantly as opposed to awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. Just in case that a web application doesn't function correctly, you can either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that may happen, but will not take any action to prevent it. The logs generated in active or passive mode will present you with additional details about the exact file that was attacked, the form of the attack and the IP it originated from, etc. This info shall permit you to choose what steps you can take to enhance the safety of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial bundle from a third-party security provider we work with, but oftentimes our administrators add their own rules as well in case they find a new potential threat.