ModSecurity is an effective firewall for Apache web servers that's used to stop attacks toward web apps. It tracks the HTTP traffic to a given Internet site in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script admin area unsuccessfully several times sets off one rule, sending a request to execute a particular file that may result in accessing the site triggers another rule, etcetera. ModSecurity is among the best firewalls around and it will secure even scripts that aren't updated often because it can prevent attackers from employing known exploits and security holes. Incredibly thorough data about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the regular logs provided by the Apache server, so you could later take a look at them and determine if you need to take extra measures so as to boost the safety of your script-driven sites.

ModSecurity in Shared Website Hosting

We provide ModSecurity with all shared website hosting solutions, so your Internet apps will be protected against malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are very detailed and feature information about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, etcetera. We employ a group of commercial rules which are often updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server solutions and if you opt to host your Internet sites with our company, there shall not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains you add via your hosting CP. If necessary, you'll be able to disable ModSecurity for a given Internet site or activate the so-called detection mode in which case the firewall will still work and record information, but won't do anything to stop potential attacks on your Internet sites. Thorough logs will be available within your CP and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones that our administrators often add to respond to newly found threats on time.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web applications will be secured from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a click of your mouse through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available within the very same section and provide information regarding the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not just commercial rules from a company operating in the field of web security, but also custom ones our administrators include manually in order to react to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

When you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web apps shall be secured immediately because ModSecurity is provided with all Hepsia-based solutions. You shall be able to control the firewall easily and if necessary, you will be able to turn it off or enable its passive mode when it shall only maintain a log of what's occurring without taking any action to prevent possible attacks. The logs which you will find in the same section of the Control Panel are very detailed and include details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This information shall enable you to take measures and enhance the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff add when they recognize attacks which haven't yet been included inside the commercial pack.