ModSecurity is an efficient firewall for Apache web servers which is employed to prevent attacks against web applications. It monitors the HTTP traffic to a specific website in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script admin area without success many times activates one rule, sending a request to execute a particular file which could result in accessing the site triggers another rule, and so forth. ModSecurity is amongst the best firewalls available and it will secure even scripts that are not updated frequently since it can prevent attackers from using known exploits and security holes. Very comprehensive information about each and every intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the standard logs generated by the Apache server, so you may later analyze them and determine if you need to take additional measures in order to improve the security of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity comes by default with all hosting plans which we supply and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites shall contain elaborate info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and incorporate both commercial ones that we get from a third-party security company and custom ones which our system admins include in case that they detect a new type of attacks. That way, the sites you host here shall be a lot more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and given that the firewall is turned on by default, any website that you create under a domain or a subdomain shall be protected right away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to stop and start the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still detect possible attacks and shall keep all info within a log as if it were completely active. The logs could be found inside the very same section of the Control Panel and they include information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we use on our machines are a mix between commercial ones from a security company and custom ones created by our system administrators. Consequently, we offer greater security for your web programs as we can protect them from attacks before security firms release updates for new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web programs shall be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and offer information about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we employ not simply commercial rules from a business working in the field of web security, but also custom ones our administrators include personally so as to respond to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

If you decide to host your websites on a dedicated server with the Hepsia CP, your web programs will be secured immediately since ModSecurity is available with all Hepsia-based plans. You'll be able to control the firewall effortlessly and if required, you will be able to turn it off or switch on its passive mode when it'll only keep a log of what's occurring without taking any action to stop possible attacks. The logs that you'll find in the same section of the Control Panel are extremely detailed and include details about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This data will enable you to take measures and enhance the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff add every time they recognize attacks that haven't yet been included in the commercial pack.