ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks towards web apps. It monitors the HTTP traffic to a given site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script admin area without success several times activates one rule, sending a request to execute a particular file which may result in getting access to the website triggers another rule, etc. ModSecurity is among the best firewalls available on the market and it will protect even scripts that aren't updated on a regular basis as it can prevent attackers from using known exploits and security holes. Very detailed info about each and every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the conventional logs created by the Apache server, so you may later examine them and decide if you need to take more measures so as to improve the protection of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting solutions, so your Internet applications shall be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it via the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find within Hepsia are very detailed and offer data about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etc. We use a group of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you choose to host your websites with our company, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains you include using your hosting Control Panel. If needed, you could disable ModSecurity for a given Internet site or switch on the so-called detection mode in which case the firewall shall still operate and record info, but won't do anything to prevent possible attacks against your Internet sites. Detailed logs shall be readily available inside your CP and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etcetera. We use two sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones which our admins sometimes add to respond to newly found threats promptly.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web programs will be protected from the moment your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you'll be able to deactivate it with a mouse click from the corresponding section of Hepsia. You can also set it to work in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to prevent them. The logs are available inside the very same section and include details about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we employ not only commercial rules from a firm operating in the field of web security, but also custom ones our administrators include manually so as to react to new risks which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Hosting

All of our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any program you upload or install shall be properly secured from the very beginning and you'll not need to bother about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall discover in the logs can help you to secure your sites better - the IP an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this information, you'll be able to see whether a site needs an update, if you ought to block IPs from accessing your server, etcetera. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too when they find a new threat that is not yet a part of the commercial bundle.