ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks against web apps. It tracks the HTTP traffic to a given website in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do that - for example, trying to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a particular file that may result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is among the best firewalls around and it'll protect even scripts which aren't updated regularly because it can prevent attackers from employing known exploits and security holes. Quite detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the standard logs provided by the Apache server, so you may later analyze them and decide if you need to take extra measures so as to boost the protection of your script-driven websites.

ModSecurity in Shared Hosting

ModSecurity is provided with all shared hosting servers, so if you choose to host your sites with our business, they'll be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view comprehensive logs through your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our clients' sites very seriously, we employ a set of commercial rules that we take from one of the top companies that maintain this type of rules. Our admins also add custom rules to ensure that your websites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer come with ModSecurity and given that the firewall is enabled by default, any site you set up under a domain or a subdomain shall be secured immediately. A separate section inside the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to start and stop the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still identify possible attacks and shall keep all info inside a log as if it were 100% active. The logs can be found in the same section of the Control Panel and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules which we use on our machines are a mix between commercial ones from a security firm and custom ones made by our system admins. As a result, we offer increased security for your web programs as we can defend them from attacks before security corporations release updates for brand new threats.

ModSecurity in VPS

Protection is vital to us, so we install ModSecurity on all virtual private servers that are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you will not need to do anything manually. You will also be able to disable it or turn on the so-called detection mode, so it will keep a log of potential attacks which you can later examine, but shall not block them. The logs in both passive and active modes offer info regarding the kind of the attack and how it was eliminated, what IP it originated from and other useful data which may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Besides the commercial rules which we get for ModSecurity from a third-party security company, we also implement our own rules as occasionally we detect specific attacks that are not yet present inside the commercial package. This way, we can boost the protection of your Virtual private server promptly as opposed to waiting for a certified update.

ModSecurity in Dedicated Hosting

When you opt to host your sites on a dedicated server with the Hepsia CP, your web programs shall be secured right away since ModSecurity is supplied with all Hepsia-based plans. You will be able to manage the firewall easily and if required, you'll be able to turn it off or activate its passive mode when it'll only maintain a log of what is occurring without taking any action to stop potential attacks. The logs which you can find inside the exact same section of the Control Panel are incredibly detailed and include info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This information shall enable you to take measures and enhance the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins include every time they recognize attacks which have not yet been included in the commercial pack.