ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks towards web applications. It monitors the HTTP traffic to a certain website in real time and prevents any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, trying to log in to a script administrator area without success a few times activates one rule, sending a request to execute a specific file that could result in accessing the Internet site triggers another rule, etc. ModSecurity is among the best firewalls available and it'll protect even scripts which are not updated frequently because it can prevent attackers from employing known exploits and security holes. Very thorough information about each intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs generated by the Apache server, so you may later analyze them and determine whether you need to take extra measures in order to improve the protection of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting solutions that we offer and it will be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to switch on and deactivate it with just a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites will feature detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and comprise of both commercial ones which we get from a third-party security company and custom ones that our system administrators add in case that they detect a new sort of attacks. That way, the websites that you host here will be a lot more protected without any action required on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you opt to host your sites with us, there shall not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains you add using your hosting CP. If required, you can disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall will still operate and record info, but shall not do anything to prevent potential attacks against your Internet sites. Detailed logs shall be accessible within your Control Panel and you'll be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ two kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones which our administrators often add to respond to newly found threats promptly.

ModSecurity in VPS Hosting

Safety is vital to us, so we set up ModSecurity on all virtual private servers which are provided with the Hepsia CP as a standard. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you will not need to do anything personally. You shall also be able to disable it or turn on the so-called detection mode, so it shall maintain a log of possible attacks which you can later examine, but won't prevent them. The logs in both passive and active modes offer info regarding the kind of the attack and how it was prevented, what IP it originated from and other useful information which could help you to tighten the security of your websites by updating them or blocking IPs, as an example. In addition to the commercial rules we get for ModSecurity from a third-party security company, we also implement our own rules because occasionally we find specific attacks that aren't yet present in the commercial pack. That way, we could enhance the security of your VPS right away rather than awaiting a certified update.

ModSecurity in Dedicated Web Hosting

If you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be protected immediately because ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall effortlessly and if necessary, you will be able to turn it off or activate its passive mode when it shall only keep a log of what's going on without taking any action to prevent potential attacks. The logs that you will find in the very same section of the Control Panel are quite detailed and contain information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This data will allow you to take measures and boost the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators add when they recognize attacks that haven't yet been included in the commercial pack.