ModSecurity is an efficient firewall for Apache web servers which is used to stop attacks against web applications. It monitors the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - as an example, attempting to log in to a script admin area without success many times triggers one rule, sending a request to execute a particular file which could result in getting access to the site triggers a different rule, etcetera. ModSecurity is one of the best firewalls around and it will protect even scripts that aren't updated often as it can prevent attackers from using known exploits and security holes. Incredibly thorough info about each intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the conventional logs provided by the Apache server, so you could later analyze them and decide whether you need to take extra measures so as to enhance the protection of your script-driven sites.
ModSecurity in Cloud Web Hosting
ModSecurity is available with every single cloud web hosting solution which we provide and it's switched on by default for every domain or subdomain which you include via your Hepsia CP. In the event that it disrupts any of your programs or you'd like to disable it for some reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with simply a mouse click. You may also use a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You can see comprehensive logs in the very same section, including the IP where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum protection of our customers we use a group of commercial firewall rules blended with custom ones that are included by our system admins.
ModSecurity in Semi-dedicated Servers
Any web application you set up in your new semi-dedicated server account will be protected by ModSecurity because the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain you add or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall won't block anything, but it shall still keep a record of possible attacks. This takes only a click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, and so on. The firewall uses 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our admins update personally as to respond to newly discovered risks as quickly as possible.
ModSecurity in VPS Servers
Safety is extremely important to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section within Hepsia and is activated automatically when you include a new domain or create a subdomain, so you will not have to do anything by hand. You shall also be able to deactivate it or activate the so-called detection mode, so it will keep a log of possible attacks you can later study, but shall not block them. The logs in both passive and active modes contain details regarding the kind of the attack and how it was prevented, what IP address it came from and other important information which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules we get for ModSecurity from a third-party security enterprise, we also use our own rules since every now and then we detect specific attacks which aren't yet present in the commercial pack. This way, we can increase the security of your VPS promptly rather than awaiting an official update.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any application that you upload or install will be secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will find in the logs shall enable you to to secure your websites better - the IP address an attack came from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this information, you could see whether a site needs an update, whether you need to block IPs from accessing your server, etc. Besides the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well when they find a new threat which is not yet in the commercial bundle.