ModSecurity is an efficient firewall for Apache web servers that is used to prevent attacks against web apps. It tracks the HTTP traffic to a given website in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a specific file that could result in getting access to the website triggers a different rule, etc. ModSecurity is amongst the best firewalls on the market and it will preserve even scripts that aren't updated often as it can prevent attackers from employing known exploits and security holes. Very comprehensive data about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the standard logs generated by the Apache server, so you may later analyze them and determine whether you need to take more measures in order to improve the security of your script-driven websites.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting packages, so your Internet apps shall be shielded from harmful attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll find inside Hepsia are very detailed and include data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, and so forth. We use a set of commercial rules which are regularly updated, but sometimes our admins add custom rules as well so as to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting solutions and if you decide to host your websites with us, there will not be anything special you'll need to do as the firewall is activated by default for all domains and subdomains which you include using your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall will still work and record data, but shall not do anything to stop potential attacks against your sites. Comprehensive logs shall be accessible within your CP and you will be able to see what sort of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We employ 2 types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones which our administrators occasionally add to respond to newly identified risks promptly.
ModSecurity in VPS Web Hosting
All virtual private servers which are offered with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there shall not be anything special that you shall have to do to protect your sites. It'll take you simply a click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You shall be able to look at the logs generated in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to deal with it, and so on. We use a combination of commercial and custom rules in order to ensure that ModSecurity will stop as many threats as possible, therefore increasing the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. Just in case that a web app does not operate properly, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any possible attack that might occur, but shall not take any action to stop it. The logs created in passive or active mode shall present you with more details about the exact file that was attacked, the nature of the attack and the IP it came from, etcetera. This data shall permit you to decide what steps you can take to boost the security of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial pack from a third-party security firm we work with, but sometimes our admins add their own rules also when they discover a new potential threat.