ModSecurity is an efficient firewall for Apache web servers which is employed to prevent attacks towards web applications. It tracks the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - as an illustration, trying to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a particular file which could result in gaining access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls around and it'll preserve even scripts which aren't updated often since it can prevent attackers from employing known exploits and security holes. Very comprehensive data about every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs provided by the Apache server, so you can later take a look at them and determine whether you need to take more measures in order to improve the security of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity is available with each cloud website hosting solution which we provide and it's activated by default for every domain or subdomain that you add via your Hepsia Control Panel. In the event that it interferes with any of your applications or you would like to disable it for some reason, you'll be able to do that through the ModSecurity section of Hepsia with just a click. You can also activate a passive mode, so the firewall will recognize potential attacks and keep a log, but won't take any action. You could see extensive logs in the very same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For optimum security of our clients we use a set of commercial firewall rules mixed with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web app you install in your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you add or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area within Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall shall not block anything, but it'll still maintain an archive of potential attacks. This normally requires just a mouse click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall employs two groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our administrators update manually in order to respond to recently discovered risks as quickly as possible.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it will be activated automatically for every new domain or subdomain you add on the hosting server. That way, any web application that you install will be secured right away without doing anything manually on your end. The firewall can be managed via the section of the Control Panel that has the same name. This is the area whereyou can disable ModSecurity or enable its passive mode, so it shall not take any action toward threats, but will still maintain a comprehensive log. The recorded info is available in the same section as well and you'll be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we employ on our servers are a blend between commercial ones which we get from a security company and custom ones that are included by our administrators to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In the event that a web application does not function correctly, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack which could take place, but will not take any action to stop it. The logs produced in active or passive mode shall provide you with more details about the exact file that was attacked, the type of the attack and the IP address it came from, and so forth. This information will enable you to choose what actions you can take to enhance the safety of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated often with a commercial bundle from a third-party security enterprise we work with, but occasionally our admins include their own rules too in case they find a new potential threat.