ModSecurity is an efficient firewall for Apache web servers that is employed to prevent attacks against web applications. It monitors the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script admin area unsuccessfully several times triggers one rule, sending a request to execute a certain file which could result in getting access to the site triggers another rule, etcetera. ModSecurity is amongst the best firewalls available on the market and it will preserve even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Very detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs generated by the Apache server, so you could later analyze them and determine whether you need to take additional measures so as to increase the security of your script-driven Internet sites.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting packages, so your web apps shall be shielded from malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you shall discover inside Hepsia are incredibly detailed and feature information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so forth. We employ a group of commercial rules that are regularly updated, but sometimes our admins include custom rules as well in order to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web application that you install inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section in Hepsia where not only can you activate or deactivate it fully, but you can also activate a passive mode, so the firewall shall not stop anything, but it will still keep an archive of potential attacks. This requires just a mouse click and you shall be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall uses 2 sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our administrators update personally as to respond to recently discovered risks immediately.

ModSecurity in Dedicated Servers

All our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install shall be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll find in the logs can easily help you to secure your websites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see whether a website needs an update, whether you should block IPs from accessing your hosting server, and so on. Aside from the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well whenever they discover a new threat which is not yet in the commercial bundle.