ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks towards web applications. It monitors the HTTP traffic to a given site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do this - as an example, attempting to log in to a script administrator area without success several times sets off one rule, sending a request to execute a certain file which may result in getting access to the website triggers another rule, etc. ModSecurity is amongst the best firewalls around and it'll secure even scripts that aren't updated often as it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs generated by the Apache server, so you may later analyze them and determine whether you need to take additional measures in order to enhance the security of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting packages which we provide and it shall be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and disable it with just a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites shall feature detailed info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and comprise of both commercial ones we get from a third-party security firm and custom ones that our system admins add in case that they detect a new sort of attacks. This way, the sites that you host here will be a lot more protected with no action needed on your end.

ModSecurity in Semi-dedicated Servers

Any web app you set up inside your new semi-dedicated server account will be protected by ModSecurity because the firewall is included with all our hosting plans and is activated by default for any domain and subdomain you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you may also activate a passive mode, so the firewall won't stop anything, but it shall still keep an archive of potential attacks. This takes only a click and you shall be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall employs two sets of rules on our servers - a commercial one that we get from a third-party web security company and a custom one that our admins update manually in order to respond to newly discovered risks immediately.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there won't be anything special that you'll need to do to protect your sites. It shall take you simply a click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any measures to stop intrusions. You shall be able to look at the logs produced in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to deal with it, etcetera. We use a mixture of commercial and custom rules so as to ensure that ModSecurity shall prevent as many risks as possible, consequently boosting the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

When you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured right from the start as ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall with ease and if necessary, you shall be able to turn it off or enable its passive mode when it'll only maintain a log of what's taking place without taking any action to stop possible attacks. The logs that you can find within the same section of the Control Panel are very detailed and feature information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so forth. This data shall allow you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators add whenever they detect attacks which have not yet been included inside the commercial pack.