ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web apps. It keeps track of the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a certain file which may result in accessing the Internet site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls on the market and it will protect even scripts that aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite thorough info about every intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs provided by the Apache server, so you can later take a look at them and decide if you need to take extra measures in order to enhance the security of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

ModSecurity is supplied with all shared website hosting web servers, so if you opt to host your websites with our company, they shall be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if required, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs via your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our clients' sites seriously, we employ a group of commercial rules that we get from one of the top companies which maintain this sort of rules. Our admins also include custom rules to make certain that your Internet sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web application that you set up inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall won't stop anything, but it'll still keep a record of potential attacks. This normally requires just a click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall employs two groups of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one that our admins update personally in order to respond to recently discovered threats as soon as possible.

ModSecurity in VPS

All virtual private servers that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the machine, so there won't be anything special which you shall have to do to protect your sites. It shall take you just a click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You will be able to see the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to deal with it, and so on. We use a mixture of commercial and custom rules in order to make sure that ModSecurity shall block as many threats as possible, hence increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Hosting

All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any application which you upload or install will be protected from the very beginning and you won't need to stress about common attacks or vulnerabilities. A separate section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will see in the logs shall allow you to to secure your Internet sites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this information, you could see whether an Internet site needs an update, if you should block IPs from accessing your web server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well if they come across a new threat which is not yet in the commercial bundle.