ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks toward web applications. It monitors the HTTP traffic to a particular Internet site in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a certain file which could result in gaining access to the site triggers a different rule, etc. ModSecurity is one of the best firewalls available and it'll protect even scripts which are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite thorough info about each and every intrusion attempt is recorded and the logs the firewall maintains are much more specific than the conventional logs generated by the Apache server, so you may later analyze them and decide if you need to take additional measures so as to increase the protection of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting solutions which we offer and it shall be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and deactivate it with simply a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to stop them. The log for any of your sites will include elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are regularly updated and comprise of both commercial ones that we get from a third-party security business and custom ones that our system admins add in case that they detect a new type of attacks. This way, the websites that you host here shall be much more protected without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer include ModSecurity and since the firewall is enabled by default, any Internet site which you build under a domain or a subdomain shall be secured right from the start. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any website or activate a detection mode. With the latter, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all data inside a log as if it were completely active. The logs can be found within the very same section of the Control Panel and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we employ on our web servers are a mix between commercial ones from a security company and custom ones made by our system admins. As a result, we offer greater security for your web applications as we can protect them from attacks even before security corporations release updates for new threats.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web apps will be secured from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you could disable it with a mouse click from the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall keep an extensive log of any potential attacks without taking any action to stop them. The logs are available inside the exact same section and include information about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For optimum security, we employ not only commercial rules from a company operating in the field of web security, but also custom ones that our administrators include personally so as to respond to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any app that you upload or set up will be secured from the very beginning and you will not need to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll discover in the logs can easily allow you to to secure your websites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you can see whether an Internet site needs an update, whether you ought to block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity that we use, our admins include custom ones as well when they come across a new threat that is not yet included in the commercial bundle.