ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a specific site in real time and blocks any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - as an illustration, trying to log in to a script administration area without success several times activates one rule, sending a request to execute a certain file that may result in accessing the site triggers a different rule, and so on. ModSecurity is one of the best firewalls around and it'll secure even scripts which are not updated regularly because it can prevent attackers from using known exploits and security holes. Quite thorough info about each and every intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the standard logs generated by the Apache server, so you can later examine them and decide if you need to take extra measures in order to increase the protection of your script-driven Internet sites.

ModSecurity in Web Hosting

ModSecurity is available with every single web hosting plan which we offer and it's switched on by default for any domain or subdomain which you include through your Hepsia Control Panel. In the event that it disrupts any of your programs or you would like to disable it for some reason, you will be able to do that through the ModSecurity section of Hepsia with merely a click. You may also activate a passive mode, so the firewall will discover possible attacks and keep a log, but won't take any action. You can see detailed logs in the same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For maximum security of our customers we use a group of commercial firewall rules mixed with custom ones which are added by our system administrators.

ModSecurity in VPS

Protection is vital to us, so we set up ModSecurity on all virtual private servers which are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you will not need to do anything manually. You will also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of possible attacks that you can later analyze, but won't block them. The logs in both passive and active modes offer info about the kind of the attack and how it was prevented, what IP it originated from and other useful data that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Beyond the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules as from time to time we discover specific attacks which aren't yet present inside the commercial pack. That way, we can easily boost the protection of your VPS in a timely manner as opposed to waiting for a certified update.

ModSecurity in Dedicated Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any application that you upload or install shall be protected from the very beginning and you will not have to concern yourself with common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you will see in the logs can easily enable you to to secure your websites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see whether a site needs an update, whether you need to block IPs from accessing your web server, and so forth. In addition to the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well when they come across a new threat that's not yet a part of the commercial bundle.