ModSecurity is an effective firewall for Apache web servers that's employed to prevent attacks toward web apps. It monitors the HTTP traffic to a given website in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do this - for example, trying to log in to a script admin area unsuccessfully a few times activates one rule, sending a request to execute a particular file that may result in getting access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls out there and it will protect even scripts which aren't updated often since it can prevent attackers from using known exploits and security holes. Quite detailed info about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the regular logs generated by the Apache server, so you could later take a look at them and decide whether you need to take additional measures so as to enhance the protection of your script-driven sites.

ModSecurity in Cloud Web Hosting

ModSecurity can be found with each and every cloud web hosting package which we provide and it's activated by default for any domain or subdomain that you include through your Hepsia CP. If it disrupts any of your apps or you would like to disable it for any reason, you will be able to accomplish that through the ModSecurity area of Hepsia with just a mouse click. You could also enable a passive mode, so the firewall will discover potential attacks and maintain a log, but won't take any action. You could see comprehensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max protection of our clients we use a collection of commercial firewall rules combined with custom ones which are included by our system administrators.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer come with ModSecurity and given that the firewall is turned on by default, any website you build under a domain or a subdomain will be protected right away. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all info inside a log as if it were completely active. The logs can be found inside the same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules which we employ on our web servers are a mix between commercial ones from a security firm and custom ones developed by our system admins. Therefore, we provide higher security for your web apps as we can protect them from attacks even before security businesses release updates for completely new threats.

ModSecurity in VPS

All virtual private servers which are provided with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there will not be anything special that you'll have to do to protect your Internet sites. It'll take you just a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what happens without taking any steps to stop intrusions. You will be able to see the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to handle it, etcetera. We employ a mixture of commercial and custom rules in order to make certain that ModSecurity shall prevent as many threats as possible, consequently enhancing the security of your web programs as much as possible.

ModSecurity in Dedicated Hosting

All of our dedicated servers which are installed with the Hepsia hosting CP come with ModSecurity, so any program which you upload or set up will be protected from the very beginning and you will not have to stress about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll discover in the logs can allow you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this information, you could see whether a website needs an update, if you ought to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too if they find a new threat that's not yet included in the commercial bundle.