ModSecurity is an effective firewall for Apache web servers that's used to stop attacks towards web applications. It tracks the HTTP traffic to a certain site in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administration area without success a few times sets off one rule, sending a request to execute a specific file that may result in accessing the website triggers a different rule, and so forth. ModSecurity is among the best firewalls available on the market and it'll protect even scripts which are not updated often because it can prevent attackers from using known exploits and security holes. Quite detailed info about each and every intrusion attempt is recorded and the logs the firewall keeps are much more specific than the conventional logs created by the Apache server, so you may later take a look at them and decide if you need to take extra measures so as to increase the security of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting plans that we provide and it'll be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and deactivate it with just a mouse click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to stop them. The log for any of your websites will feature elaborate information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are regularly updated and comprise of both commercial ones we get from a third-party security company and custom ones which our system admins include in the event that they detect a new sort of attacks. That way, the sites which you host here will be much more secure without any action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer feature ModSecurity and because the firewall is turned on by default, any site which you build under a domain or a subdomain shall be protected right away. A separate section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity will not take any action, but it shall still recognize possible attacks and will keep all info inside a log as if it were completely active. The logs can be found in the exact same section of the CP and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we use on our web servers are a mix between commercial ones from a security company and custom ones developed by our system administrators. As a result, we provide higher security for your web programs as we can protect them from attacks before security corporations release updates for completely new threats.

ModSecurity in VPS Hosting

Security is of the utmost importance to us, so we set up ModSecurity on all virtual private servers which are made available with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not have to do anything by hand. You will also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of possible attacks you can later study, but won't stop them. The logs in both passive and active modes include details about the kind of the attack and how it was eliminated, what IP it originated from and other useful information that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules because occasionally we discover specific attacks that aren't yet present inside the commercial pack. That way, we can easily enhance the security of your Virtual private server instantly rather than waiting for an official update.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any program you upload or install shall be properly secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you'll discover in the logs can allow you to to secure your websites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you can see if a website needs an update, if you ought to block IPs from accessing your web server, and so forth. In addition to the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones too when they discover a new threat that's not yet included in the commercial bundle.