ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks against web apps. It tracks the HTTP traffic to a particular website in real time and stops any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do this - for example, attempting to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a certain file that may result in gaining access to the website triggers another rule, and so forth. ModSecurity is one of the best firewalls out there and it will secure even scripts that aren't updated regularly as it can prevent attackers from using known exploits and security holes. Incredibly thorough info about every intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the regular logs generated by the Apache server, so you can later examine them and decide whether you need to take more measures in order to enhance the protection of your script-driven websites.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting plans, so your Internet applications shall be resistant to destructive attacks. The firewall is activated as standard for all domains and subdomains, but if you would like, you'll be able to stop it through the respective section of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you will discover in Hepsia are quite detailed and feature info about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etc. We employ a set of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer feature ModSecurity and given that the firewall is enabled by default, any site that you build under a domain or a subdomain will be secured right away. An independent section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still detect possible attacks and will keep all information in a log as if it were fully active. The logs can be found in the exact same section of the Control Panel and they include information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules that we employ on our servers are a mix between commercial ones from a security company and custom ones developed by our system administrators. Consequently, we provide increased security for your web apps as we can protect them from attacks even before security businesses release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting Control Panel, so your web applications shall be protected from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a click through the corresponding section of Hepsia. You can also set it to work in detection mode, so it will keep a detailed log of any possible attacks without taking any action to stop them. The logs can be found within the same section and provide info about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not simply commercial rules from a firm working in the field of web security, but also custom ones our admins include manually so as to react to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

If you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured straight away because ModSecurity is available with all Hepsia-based plans. You'll be able to regulate the firewall effortlessly and if necessary, you shall be able to turn it off or activate its passive mode when it shall only maintain a log of what's happening without taking any action to stop possible attacks. The logs which you will find in the same section of the Control Panel are incredibly detailed and contain info about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This data will permit you to take measures and improve the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include every time they detect attacks that haven't yet been included within the commercial pack.