ModSecurity is an effective firewall for Apache web servers which is employed to prevent attacks against web apps. It keeps track of the HTTP traffic to a certain site in real time and blocks any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - for example, trying to log in to a script admin area unsuccessfully many times sets off one rule, sending a request to execute a particular file that may result in gaining access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls on the market and it'll preserve even scripts that are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Very detailed info about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the standard logs provided by the Apache server, so you can later take a look at them and decide if you need to take extra measures in order to boost the security of your script-driven sites.

ModSecurity in Shared Web Hosting

We provide ModSecurity with all shared web hosting packages, so your web applications shall be shielded from harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective section of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll discover in Hepsia are very detailed and offer info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so forth. We employ a group of commercial rules that are regularly updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you decide to host your Internet sites with our company, there shall not be anything special you'll need to do as the firewall is activated by default for all domains and subdomains you include using your hosting Control Panel. If necessary, you could disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent possible attacks against your Internet sites. Thorough logs shall be accessible within your Control Panel and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We use 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom made ones which our administrators occasionally add to respond to newly found threats promptly.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web programs shall be secured from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you could deactivate it with a mouse click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it shall maintain a detailed log of any potential attacks without taking any action to prevent them. The logs are available inside the same section and include info about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we use not simply commercial rules from a business working in the field of web security, but also custom ones that our admins add personally in order to respond to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. Just in case that a web app doesn't function properly, you may either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack which might happen, but will not take any action to prevent it. The logs generated in passive or active mode shall offer you additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, and so on. This data will allow you to decide what measures you can take to enhance the protection of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial package from a third-party security enterprise we work with, but from time to time our administrators include their own rules too if they discover a new potential threat.