ModSecurity is an efficient firewall for Apache web servers that is employed to stop attacks against web applications. It keeps track of the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script admin area without success a few times activates one rule, sending a request to execute a certain file which could result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is among the best firewalls out there and it'll secure even scripts which are not updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive info about each intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the regular logs provided by the Apache server, so you could later examine them and decide if you need to take more measures in order to increase the protection of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity can be found with each cloud hosting solution which we provide and it's turned on by default for every domain or subdomain which you add through your Hepsia CP. If it interferes with any of your apps or you'd like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with only a mouse click. You can also use a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You'll be able to view detailed logs in the same section, including the IP address where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etcetera. For optimum safety of our clients we use a group of commercial firewall rules mixed with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you opt to host your sites with us, there shall not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains which you add using your hosting Control Panel. If necessary, you can disable ModSecurity for a given website or turn on the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to prevent potential attacks on your websites. Detailed logs will be accessible inside your CP and you will be able to see what sort of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, etc. We employ 2 kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom ones that our administrators often add to respond to newly found risks on time.

ModSecurity in VPS Hosting

All virtual private servers that are offered with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there shall not be anything special which you'll have to do to protect your Internet sites. It shall take you a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to look at the logs created in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to deal with it, etc. We use a combination of commercial and custom rules in order to make sure that ModSecurity shall prevent as many threats as possible, consequently improving the security of your web programs as much as possible.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any app that you upload or set up shall be protected from the very beginning and you'll not have to concern yourself with common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you'll find in the logs shall help you to secure your sites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this info, you can see whether a site needs an update, whether you should block IPs from accessing your web server, etcetera. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too every time they come across a new threat that is not yet in the commercial bundle.