ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks against web applications. It monitors the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - for instance, attempting to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a particular file that could result in gaining access to the website triggers a different rule, and so on. ModSecurity is amongst the best firewalls available and it will secure even scripts which aren't updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Very thorough info about every intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the conventional logs generated by the Apache server, so you can later examine them and determine if you need to take additional measures in order to improve the security of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity comes by default with all hosting solutions that we supply and it will be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites will include comprehensive information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and include both commercial ones we get from a third-party security firm and custom ones which our system administrators include in the event that they detect a new kind of attacks. That way, the Internet sites you host here shall be a lot more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

Any web program that you set up inside your new semi-dedicated server account shall be protected by ModSecurity since the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall shall not block anything, but it will still keep an archive of potential attacks. This takes simply a click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall employs 2 sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update manually as to respond to recently discovered risks immediately.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be turned on automatically for any new domain or subdomain which you include on the server. This way, any web app you install shall be secured immediately without doing anything personally on your end. The firewall may be handled through the section of the Control Panel that has the same name. This is the place whereyou'll be able to turn off ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still maintain a thorough log. The recorded info is available inside the same section as well and you will be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a blend between commercial ones which we obtain from a security company and custom ones which are added by our administrators to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps will be secured immediately since ModSecurity is supplied with all Hepsia-based solutions. You will be able to manage the firewall easily and if needed, you'll be able to turn it off or enable its passive mode when it shall only maintain a log of what is going on without taking any action to prevent potential attacks. The logs which you can find in the same section of the CP are really detailed and include information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so on. This data shall permit you to take measures and improve the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators add whenever they identify attacks which have not yet been included in the commercial pack.