ModSecurity is an efficient firewall for Apache web servers that is used to prevent attacks towards web applications. It tracks the HTTP traffic to a certain website in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a certain file that may result in gaining access to the site triggers another rule, etc. ModSecurity is one of the best firewalls available and it will protect even scripts that aren't updated regularly since it can prevent attackers from employing known exploits and security holes. Incredibly thorough info about each and every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs provided by the Apache server, so you could later analyze them and decide whether you need to take additional measures in order to enhance the security of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity can be found with each and every cloud hosting solution which we offer and it is activated by default for every domain or subdomain that you include through your Hepsia CP. In the event that it interferes with any of your apps or you would like to disable it for some reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with simply a click. You can also activate a passive mode, so the firewall will recognize possible attacks and maintain a log, but won't take any action. You'll be able to view comprehensive logs in the exact same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, etcetera. For optimum security of our clients we use a set of commercial firewall rules mixed with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity as a standard inside all semi-dedicated hosting packages, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any Internet site with a mouse click. You'll also have the ability to turn on a passive detection mode with which ModSecurity will keep a log of possible attacks without actually stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules we employ is regularly updated in order to match any new risks which might appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our administrators add if they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS

Security is vital to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you won't have to do anything manually. You shall also be able to deactivate it or turn on the so-called detection mode, so it'll maintain a log of possible attacks which you can later examine, but won't prevent them. The logs in both passive and active modes offer details regarding the type of the attack and how it was stopped, what IP it came from and other useful data which may help you to tighten the security of your websites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules because from time to time we identify specific attacks which are not yet present within the commercial pack. This way, we can enhance the security of your Virtual private server in a timely manner rather than waiting for an official update.

ModSecurity in Dedicated Hosting

When you decide to host your sites on a dedicated server with the Hepsia CP, your web applications will be secured right from the start since ModSecurity is provided with all Hepsia-based packages. You will be able to manage the firewall effortlessly and if needed, you shall be able to turn it off or switch on its passive mode when it shall only keep a log of what's occurring without taking any action to prevent potential attacks. The logs which you will find inside the same section of the Control Panel are extremely detailed and feature info about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so forth. This data shall allow you to take measures and boost the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins include every time they identify attacks that have not yet been included in the commercial pack.