ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks against web applications. It monitors the HTTP traffic to a specific website in real time and blocks any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do this - for example, trying to log in to a script admin area without success many times activates one rule, sending a request to execute a particular file that could result in accessing the Internet site triggers a different rule, and so on. ModSecurity is one of the best firewalls available and it will secure even scripts that aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Very detailed info about every intrusion attempt is recorded and the logs the firewall maintains are a lot more comprehensive than the conventional logs generated by the Apache server, so you can later take a look at them and decide whether you need to take additional measures so as to improve the safety of your script-driven sites.

ModSecurity in Web Hosting

ModSecurity comes standard with all web hosting packages which we provide and it will be activated automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and disable it with simply a mouse click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall feature comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are frequently updated and comprise of both commercial ones that we get from a third-party security company and custom ones that our system admins include in case that they detect a new type of attacks. In this way, the Internet sites that you host here shall be way more protected with no action needed on your end.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity as a standard inside all semi-dedicated server packages, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any Internet site with a click. You will also have the ability to activate a passive detection mode with which ModSecurity will maintain a log of potential attacks without really stopping them. The thorough logs contain the nature of the attack and what ModSecurity response that attack triggered, where it came from, and so on. The list of rules that we use is frequently updated as to match any new risks that may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our administrators add if they find a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers we offer and it will be activated automatically for every new domain or subdomain which you include on the hosting server. This way, any web application that you install shall be protected right from the start without doing anything manually on your end. The firewall could be managed via the section of the CP that has the same name. This is the area in whichyou could disable ModSecurity or activate its passive mode, so it won't take any action against threats, but shall still keep a comprehensive log. The recorded data is available inside the same section as well and you shall be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a mixture between commercial ones we get from a security organization and custom ones that are added by our admins to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web apps will be secured straight away as ModSecurity is provided with all Hepsia-based solutions. You will be able to manage the firewall without difficulty and if necessary, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what's happening without taking any action to stop potential attacks. The logs that you'll find within the exact same section of the Control Panel are really detailed and feature info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This data will permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins include whenever they detect attacks that haven't yet been included within the commercial pack.