ModSecurity is an efficient firewall for Apache web servers which is employed to prevent attacks towards web apps. It tracks the HTTP traffic to a specific website in real time and prevents any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script admin area unsuccessfully many times triggers one rule, sending a request to execute a particular file which may result in getting access to the site triggers another rule, and so forth. ModSecurity is one of the best firewalls around and it will protect even scripts which aren't updated frequently as it can prevent attackers from using known exploits and security holes. Very thorough data about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the standard logs generated by the Apache server, so you can later examine them and decide whether you need to take additional measures so as to increase the security of your script-driven Internet sites.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting solutions, so your Internet apps will be resistant to malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you will be able to stop it using the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will discover inside Hepsia are incredibly detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules that are constantly updated, but sometimes our admins include custom rules as well in order to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you decide to host your sites with us, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you add using your hosting CP. If necessary, you'll be able to disable ModSecurity for a given Internet site or switch on the so-called detection mode in which case the firewall will still work and record info, but will not do anything to prevent potential attacks against your sites. Detailed logs will be accessible within your CP and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so on. We employ two sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones that our admins occasionally add to respond to newly discovered threats on time.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web programs will be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to deactivate it with a mouse click via the corresponding section of Hepsia. You can also set it to operate in detection mode, so it will keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found within the very same section and offer details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a company working in the field of web security, but also custom ones our administrators include personally in order to react to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Web Hosting

When you opt to host your sites on a dedicated server with the Hepsia CP, your web apps will be protected immediately as ModSecurity is supplied with all Hepsia-based plans. You'll be able to manage the firewall with ease and if necessary, you will be able to turn it off or switch on its passive mode when it shall only keep a log of what's going on without taking any action to prevent potential attacks. The logs that you can find inside the exact same section of the CP are extremely detailed and feature information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This info shall enable you to take measures and improve the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff add whenever they recognize attacks which haven't yet been included in the commercial pack.