ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks against web applications. It monitors the HTTP traffic to a certain site in real time and prevents any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - for example, attempting to log in to a script administration area unsuccessfully many times activates one rule, sending a request to execute a particular file which could result in accessing the site triggers another rule, and so on. ModSecurity is one of the best firewalls available on the market and it will preserve even scripts which are not updated often since it can prevent attackers from employing known exploits and security holes. Very thorough data about each and every intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the standard logs provided by the Apache server, so you could later analyze them and determine if you need to take extra measures so as to enhance the safety of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity is provided with all hosting machines, so when you decide to host your sites with our organization, they will be resistant to a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the protection of our customers' websites seriously, we use a group of commercial rules which we take from one of the leading firms that maintain such rules. Our administrators also add custom rules to make sure that your sites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

We have incorporated ModSecurity by default within all semi-dedicated server packages, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any Internet site with a click. You shall also be able to switch on a passive detection mode in which ModSecurity will maintain a log of potential attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack caused, where it came from, etc. The list of rules we employ is regularly updated as to match any new threats which could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our administrators include in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web applications will be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to disable it with a click of your mouse through the corresponding section of Hepsia. You could also set it to function in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found in the very same section and include information regarding the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For best security, we employ not simply commercial rules from a company working in the field of web security, but also custom ones which our admins include personally so as to react to new threats which are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

When you opt to host your websites on a dedicated server with the Hepsia CP, your web applications shall be secured straight away as ModSecurity is provided with all Hepsia-based solutions. You shall be able to control the firewall without difficulty and if necessary, you'll be able to turn it off or enable its passive mode when it'll only keep a log of what's taking place without taking any action to prevent potential attacks. The logs that you will find within the very same section of the CP are really detailed and include information about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etcetera. This information will allow you to take measures and increase the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our staff add whenever they detect attacks which have not yet been included inside the commercial pack.