ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks against web apps. It monitors the HTTP traffic to a given site in real time and stops any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - for instance, attempting to log in to a script administration area without success several times sets off one rule, sending a request to execute a particular file that may result in getting access to the site triggers a different rule, etc. ModSecurity is among the best firewalls out there and it'll secure even scripts which are not updated frequently since it can prevent attackers from using known exploits and security holes. Quite detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the standard logs created by the Apache server, so you could later take a look at them and decide whether you need to take extra measures so as to increase the safety of your script-driven Internet sites.

ModSecurity in Web Hosting

ModSecurity is supplied with all web hosting machines, so if you choose to host your Internet sites with our business, they'll be protected against an array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you shall need to do on your end. You will be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You'll be able to view specific logs via your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the safety of our customers' sites seriously, we use a set of commercial rules which we take from one of the leading companies that maintain such rules. Our admins also include custom rules to ensure that your websites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer feature ModSecurity and because the firewall is enabled by default, any site which you set up under a domain or a subdomain will be protected right from the start. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it'll still recognize possible attacks and will keep all information within a log as if it were 100% active. The logs can be found in the very same section of the Control Panel and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules which we use on our machines are a mix between commercial ones from a security firm and custom ones made by our system admins. For that reason, we offer greater security for your web programs as we can protect them from attacks before security businesses release updates for new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web programs shall be secured from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you can deactivate it with a mouse click via the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available within the exact same section and offer details about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones which our admins add personally so as to react to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it's activated by default each time you include a new domain or subdomain on your hosting server. In the event that it interferes with some of your apps, you shall be able to stop it through the respective part of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and will still maintain a log for them, but won't block them. You may examine the logs later to find out what you can do to enhance the safety of your websites since you will find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, etcetera. The rules which we employ are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our admins also add custom rules every now and then as to react to any new threats they have found.