ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks against web applications. It keeps track of the HTTP traffic to a particular site in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - as an example, attempting to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a particular file which could result in gaining access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls on the market and it'll protect even scripts that are not updated regularly since it can prevent attackers from using known exploits and security holes. Quite detailed information about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs provided by the Apache server, so you may later examine them and determine if you need to take more measures so as to increase the safety of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity is supplied with all hosting machines, so if you opt to host your sites with our company, they will be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view comprehensive logs through your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our clients' websites seriously, we employ a set of commercial rules that we take from one of the best companies that maintain such rules. Our admins also include custom rules to make sure that your websites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer come with ModSecurity and since the firewall is switched on by default, any website you build under a domain or a subdomain shall be protected immediately. An independent section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it will still detect possible attacks and shall keep all info within a log as if it were fully active. The logs can be found inside the same section of the Control Panel and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we employ on our web servers are a mix of commercial ones from a security firm and custom ones made by our system admins. As a result, we offer increased security for your web programs as we can defend them from attacks even before security corporations release updates for new threats.

ModSecurity in VPS

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it will be switched on automatically for every new domain or subdomain you add on the machine. In this way, any web app you install will be protected immediately without doing anything by hand on your end. The firewall may be handled via the section of the Control Panel that has the same name. This is the place whereyou could disable ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still maintain a comprehensive log. The recorded data is available in the same section as well and you'll be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we use on our servers are a mix between commercial ones we obtain from a security firm and custom ones which are included by our admins to improve the security of any web apps hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it since it's turned on by default each time you include a new domain or subdomain on your web server. If it disrupts some of your applications, you shall be able to stop it through the respective section of Hepsia, or you can leave it in passive mode, so it will identify attacks and shall still keep a log for them, but won't prevent them. You could examine the logs later to find out what you can do to improve the protection of your Internet sites since you shall find information such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, and so on. The rules that we employ are commercial, thus they're constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules every now and then in order to deal with any new threats they have found.