ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks towards web apps. It monitors the HTTP traffic to a certain site in real time and blocks any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - for instance, attempting to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a certain file which could result in accessing the site triggers a different rule, and so forth. ModSecurity is among the best firewalls available on the market and it'll protect even scripts that are not updated often as it can prevent attackers from using known exploits and security holes. Very detailed information about every single intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the regular logs provided by the Apache server, so you may later take a look at them and determine whether you need to take more measures in order to improve the protection of your script-driven websites.

ModSecurity in Web Hosting

ModSecurity comes by default with all web hosting plans which we supply and it shall be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and disable it with just a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your sites will contain elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are regularly updated and include both commercial ones which we get from a third-party security company and custom ones that our system admins include in case that they detect a new type of attacks. This way, the sites which you host here shall be much more secure without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

We've incorporated ModSecurity as a standard within all semi-dedicated hosting packages, so your web applications will be protected the instant you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to switch on or disable the firewall for any Internet site with a click. You shall also be able to switch on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it originated from, and so on. The list of rules we use is constantly updated as to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones which our administrators add in the event that they discover a threat which is not present within the commercial list yet.

ModSecurity in VPS Web Hosting

All virtual private servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the machine, so there will not be anything special which you'll need to do to protect your websites. It shall take you a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You shall be able to see the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We use a combination of commercial and custom rules in order to ensure that ModSecurity shall block out as many threats as possible, therefore boosting the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers Hosting

When you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web apps will be secured right away because ModSecurity is provided with all Hepsia-based plans. You will be able to control the firewall with ease and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what is occurring without taking any action to prevent potential attacks. The logs which you can find inside the exact same section of the CP are very detailed and include details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This information will allow you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators add whenever they detect attacks which have not yet been included within the commercial pack.