ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks towards web apps. It tracks the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script administration area without success many times sets off one rule, sending a request to execute a certain file which could result in getting access to the Internet site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls out there and it'll secure even scripts that are not updated often because it can prevent attackers from using known exploits and security holes. Very comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the regular logs created by the Apache server, so you may later analyze them and determine if you need to take extra measures in order to enhance the protection of your script-driven Internet sites.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting plans, so your web apps will be protected against destructive attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll find inside Hepsia are quite detailed and offer data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so forth. We use a group of commercial rules that are frequently updated, but sometimes our administrators include custom rules as well in order to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer include ModSecurity and since the firewall is switched on by default, any site which you create under a domain or a subdomain will be protected immediately. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any site or enable a detection mode. With the last option, ModSecurity won't take any action, but it shall still detect possible attacks and shall keep all data inside a log as if it were fully active. The logs can be found in the same section of the CP and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules we use on our servers are a mix of commercial ones from a security company and custom ones developed by our system administrators. For that reason, we offer higher security for your web applications as we can shield them from attacks before security companies release updates for brand new threats.

ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it will be activated automatically for every new domain or subdomain that you add on the web server. This way, any web app you install shall be secured immediately without doing anything manually on your end. The firewall can be handled from the section of the CP which has the same name. This is the location in whichyou can turn off ModSecurity or enable its passive mode, so it won't take any action towards threats, but shall still keep a thorough log. The recorded data is available in the same area as well and you will be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a mix between commercial ones that we obtain from a security company and custom ones that are included by our administrators to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

When you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured right away as ModSecurity is available with all Hepsia-based plans. You'll be able to control the firewall without difficulty and if needed, you will be able to turn it off or activate its passive mode when it will only keep a log of what is taking place without taking any action to prevent possible attacks. The logs that you'll find inside the very same section of the CP are incredibly detailed and include data about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, etcetera. This info will permit you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include when they detect attacks that have not yet been included in the commercial pack.