ModSecurity is an efficient firewall for Apache web servers that is used to stop attacks against web applications. It tracks the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script administrator area without success several times activates one rule, sending a request to execute a certain file that may result in gaining access to the Internet site triggers a different rule, etc. ModSecurity is amongst the best firewalls out there and it'll secure even scripts which aren't updated regularly because it can prevent attackers from employing known exploits and security holes. Quite detailed info about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs generated by the Apache server, so you could later examine them and decide if you need to take more measures in order to increase the safety of your script-driven websites.

ModSecurity in Shared Website Hosting

We provide ModSecurity with all shared website hosting packages, so your Internet applications shall be protected against malicious attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you will be able to stop it via the respective section of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you shall find in Hepsia are extremely detailed and include information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so on. We employ a set of commercial rules that are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

Any web application that you install in your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not only can you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall will not block anything, but it will still keep a record of potential attacks. This normally requires just a mouse click and you will be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally as to respond to recently discovered risks immediately.

ModSecurity in VPS Hosting

All virtual private servers that are offered with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the server, so there shall not be anything special that you shall have to do to protect your Internet sites. It'll take you a click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any measures to stop intrusions. You will be able to view the logs created in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to handle it, etcetera. We use a mix of commercial and custom rules so as to ensure that ModSecurity shall block as many threats as possible, therefore increasing the security of your web apps as much as possible.

ModSecurity in Dedicated Web Hosting

If you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured immediately since ModSecurity is provided with all Hepsia-based plans. You'll be able to manage the firewall with ease and if required, you will be able to turn it off or switch on its passive mode when it'll only keep a log of what is going on without taking any action to stop potential attacks. The logs which you will find in the exact same section of the Control Panel are incredibly detailed and include data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so forth. This info shall enable you to take measures and improve the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff include whenever they recognize attacks that have not yet been included in the commercial pack.