ModSecurity is an efficient firewall for Apache web servers that is employed to prevent attacks against web apps. It monitors the HTTP traffic to a given site in real time and blocks any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - for instance, trying to log in to a script administration area unsuccessfully a few times activates one rule, sending a request to execute a particular file which may result in gaining access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls out there and it'll secure even scripts which are not updated frequently since it can prevent attackers from using known exploits and security holes. Incredibly thorough info about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs created by the Apache server, so you can later take a look at them and determine if you need to take extra measures in order to increase the security of your script-driven sites.

ModSecurity in Website Hosting

ModSecurity is available on all website hosting machines, so if you opt to host your sites with our company, they will be protected against a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You will be able to view specific logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the security of our clients' sites very seriously, we employ a collection of commercial rules which we get from one of the leading companies which maintain this type of rules. Our administrators also add custom rules to make certain that your sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer include ModSecurity and since the firewall is turned on by default, any website which you create under a domain or a subdomain will be secured right from the start. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to start and stop the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all information in a log as if it were fully active. The logs can be found inside the same section of the CP and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules which we employ on our web servers are a mix of commercial ones from a security business and custom ones developed by our system admins. For that reason, we offer increased security for your web applications as we can defend them from attacks even before security companies release updates for completely new threats.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web applications shall be protected from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you'll be able to deactivate it with a mouse click via the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available inside the same section and include information about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For maximum security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones that our administrators include personally so as to react to new threats which are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

If you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web applications will be protected right away since ModSecurity is supplied with all Hepsia-based plans. You will be able to regulate the firewall without difficulty and if necessary, you'll be able to turn it off or enable its passive mode when it shall only keep a log of what is occurring without taking any action to prevent potential attacks. The logs which you will find in the same section of the CP are very detailed and contain info about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This info will permit you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins add whenever they recognize attacks that have not yet been included in the commercial pack.