ModSecurity is an effective firewall for Apache web servers which is employed to stop attacks against web apps. It keeps track of the HTTP traffic to a given site in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administration area unsuccessfully many times activates one rule, sending a request to execute a specific file which could result in getting access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls on the market and it'll protect even scripts that are not updated frequently because it can prevent attackers from using known exploits and security holes. Very detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the regular logs created by the Apache server, so you could later examine them and determine if you need to take additional measures so as to boost the protection of your script-driven websites.

ModSecurity in Hosting

ModSecurity is supplied with all hosting web servers, so when you decide to host your websites with our firm, they shall be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs through your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the protection of our clients' websites very seriously, we use a group of commercial rules which we get from one of the top firms that maintain this type of rules. Our administrators also include custom rules to make certain that your Internet sites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you choose to host your Internet sites with us, there won't be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains that you add using your hosting CP. If necessary, you could disable ModSecurity for a given site or switch on the so-called detection mode in which case the firewall shall still function and record information, but shall not do anything to stop possible attacks on your sites. Thorough logs shall be accessible in your Control Panel and you will be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We employ 2 kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our administrators sometimes add to respond to newly found risks promptly.

ModSecurity in VPS

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it shall be activated automatically for any new domain or subdomain that you include on the hosting server. This way, any web application that you install shall be protected from the very beginning without doing anything manually on your end. The firewall can be handled through the section of the Control Panel that bears the same name. This is the place whereyou could switch off ModSecurity or activate its passive mode, so it won't take any action toward threats, but will still keep a comprehensive log. The recorded data is available inside the same section as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a mixture between commercial ones we obtain from a security company and custom ones that are included by our staff to optimize the security of any web apps hosted on our end.

ModSecurity in Dedicated Hosting

If you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps will be secured right from the start as ModSecurity is supplied with all Hepsia-based packages. You shall be able to manage the firewall easily and if needed, you will be able to turn it off or activate its passive mode when it will only keep a log of what is taking place without taking any action to stop possible attacks. The logs which you will find in the exact same section of the CP are quite detailed and include information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This data shall permit you to take measures and enhance the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our administrators add when they detect attacks that have not yet been included within the commercial pack.