ModSecurity is an efficient firewall for Apache web servers that's used to prevent attacks toward web apps. It monitors the HTTP traffic to a particular website in real time and blocks any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - as an example, trying to log in to a script administration area without success several times activates one rule, sending a request to execute a particular file that could result in getting access to the website triggers a different rule, etc. ModSecurity is among the best firewalls available and it'll preserve even scripts which are not updated on a regular basis because it can prevent attackers from using known exploits and security holes. Incredibly comprehensive information about each and every intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the conventional logs generated by the Apache server, so you may later analyze them and determine if you need to take additional measures in order to boost the safety of your script-driven Internet sites.

ModSecurity in Shared Web Hosting

ModSecurity comes standard with all shared web hosting packages that we supply and it shall be activated automatically for any domain or subdomain you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with only a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to stop them. The log for each of your websites shall contain comprehensive information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are frequently updated and incorporate both commercial ones which we get from a third-party security firm and custom ones our system administrators add in the event that they detect a new type of attacks. In this way, the sites you host here shall be much more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity as a standard in all semi-dedicated hosting products, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any Internet site with a mouse click. You will also have the ability to turn on a passive detection mode in which ModSecurity will keep a log of possible attacks without actually stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules that we employ is regularly updated as to match any new threats which might appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones which our admins include if they find a threat which is not present in the commercial list yet.

ModSecurity in VPS Web Hosting

Safety is essential to us, so we install ModSecurity on all virtual private servers which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you won't have to do anything personally. You shall also be able to disable it or switch on the so-called detection mode, so it'll keep a log of possible attacks you can later examine, but shall not block them. The logs in both passive and active modes contain info about the kind of the attack and how it was stopped, what IP address it originated from and other useful information which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules since once in a while we find specific attacks that aren't yet present within the commercial package. That way, we can easily improve the protection of your VPS immediately as opposed to awaiting an official update.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are installed with the Hepsia hosting CP come with ModSecurity, so any application which you upload or set up shall be properly secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you shall find in the logs can enable you to to secure your websites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this information, you could see if a website needs an update, whether you ought to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones too every time they come across a new threat that is not yet a part of the commercial bundle.