ModSecurity is an efficient firewall for Apache web servers which is used to stop attacks toward web apps. It keeps track of the HTTP traffic to a certain site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administrator area without success several times activates one rule, sending a request to execute a specific file that could result in getting access to the Internet site triggers another rule, etcetera. ModSecurity is among the best firewalls out there and it will secure even scripts which aren't updated frequently as it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive information about every intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the standard logs generated by the Apache server, so you can later analyze them and determine whether you need to take more measures in order to boost the protection of your script-driven websites.

ModSecurity in Hosting

ModSecurity is available on all hosting servers, so when you decide to host your sites with our organization, they'll be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any site if needed, or to enable a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the security of our customers' Internet sites very seriously, we employ a selection of commercial rules that we take from one of the top companies which maintain such rules. Our admins also include custom rules to make certain that your websites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer include ModSecurity and since the firewall is switched on by default, any Internet site which you build under a domain or a subdomain will be secured right from the start. An independent section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still identify possible attacks and shall keep all info inside a log as if it were fully active. The logs can be found in the same section of the Control Panel and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we employ on our machines are a mix of commercial ones from a security business and custom ones created by our system admins. Consequently, we provide higher security for your web applications as we can defend them from attacks before security corporations release updates for new threats.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there will not be anything special which you'll need to do to protect your sites. It shall take you a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what happens without taking any measures to stop intrusions. You'll be able to see the logs produced in passive or active mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to tackle it, and so forth. We employ a mixture of commercial and custom rules in order to make sure that ModSecurity shall prevent as many risks as possible, consequently enhancing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

When you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured right away as ModSecurity is provided with all Hepsia-based plans. You shall be able to control the firewall without difficulty and if needed, you will be able to turn it off or switch on its passive mode when it'll only keep a log of what is going on without taking any action to stop possible attacks. The logs that you'll find within the exact same section of the CP are really detailed and contain details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This data will allow you to take measures and improve the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our admins add whenever they detect attacks which have not yet been included within the commercial pack.