ModSecurity is an efficient firewall for Apache web servers which is used to prevent attacks against web apps. It tracks the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do this - for example, trying to log in to a script admin area unsuccessfully a few times triggers one rule, sending a request to execute a certain file which may result in accessing the site triggers another rule, and so forth. ModSecurity is amongst the best firewalls out there and it will secure even scripts that aren't updated frequently since it can prevent attackers from using known exploits and security holes. Very detailed information about each intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the conventional logs generated by the Apache server, so you may later analyze them and decide whether you need to take additional measures so as to improve the protection of your script-driven sites.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting packages, so your Internet apps shall be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective section of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll discover within Hepsia are extremely detailed and offer information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so on. We use a set of commercial rules that are constantly updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer include ModSecurity and since the firewall is turned on by default, any site you set up under a domain or a subdomain shall be secured right from the start. An independent section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to start and stop the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it shall still detect possible attacks and shall keep all info inside a log as if it were completely active. The logs could be found in the same section of the CP and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules that we employ on our machines are a mix between commercial ones from a security firm and custom ones created by our system admins. Therefore, we offer higher security for your web programs as we can shield them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS Web Hosting

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it will be switched on automatically for any new domain or subdomain you add on the hosting server. This way, any web app you install will be protected right from the start without doing anything manually on your end. The firewall may be managed through the section of the Control Panel that has the same name. This is the place in whichyou can switch off ModSecurity or enable its passive mode, so it shall not take any action toward threats, but shall still maintain a comprehensive log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones we get from a security firm and custom ones that are added by our administrators to improve the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to use it since it's switched on by default every time you include a new domain or subdomain on your web server. If it disrupts any of your apps, you will be able to stop it via the respective area of Hepsia, or you may leave it operating in passive mode, so it will recognize attacks and will still maintain a log for them, but will not stop them. You could look at the logs later to determine what you can do to increase the safety of your sites as you shall find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our administrators also include custom rules occasionally in order to respond to any new threats they have identified.