ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks toward web applications. It monitors the HTTP traffic to a specific website in real time and prevents any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script administration area without success many times activates one rule, sending a request to execute a specific file which may result in getting access to the Internet site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls available on the market and it will secure even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Incredibly detailed data about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the regular logs created by the Apache server, so you could later take a look at them and decide if you need to take extra measures in order to boost the protection of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity comes standard with all hosting plans that we provide and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and disable it with just a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites will include detailed information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and consist of both commercial ones we get from a third-party security business and custom ones our system admins include in case that they detect a new kind of attacks. In this way, the Internet sites you host here shall be way more protected without any action expected on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you decide to host your Internet sites with our company, there won't be anything special you will have to do since the firewall is activated by default for all domains and subdomains you include via your hosting Control Panel. If needed, you could disable ModSecurity for a certain Internet site or activate the so-called detection mode in which case the firewall will still work and record data, but shall not do anything to prevent possible attacks against your sites. Comprehensive logs will be available inside your Control Panel and you'll be able to see what type of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so on. We use two sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones that our admins sometimes include to respond to newly identified risks on time.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it'll be activated automatically for every new domain or subdomain which you include on the web server. This way, any web application you install shall be secured right from the start without doing anything by hand on your end. The firewall can be managed from the section of the CP that bears the same name. This is the area in whichyou could disable ModSecurity or enable its passive mode, so it won't take any action towards threats, but shall still keep a thorough log. The recorded info is available in the same section as well and you'll be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we employ on our servers are a combination between commercial ones we get from a security organization and custom ones that are added by our admins to optimize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

If you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web programs will be secured straight away since ModSecurity is available with all Hepsia-based solutions. You'll be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what's going on without taking any action to stop potential attacks. The logs that you will find in the same section of the Control Panel are really detailed and contain information about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etc. This information shall enable you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our administrators include when they detect attacks which haven't yet been included in the commercial pack.