ModSecurity is an effective firewall for Apache web servers that is used to stop attacks against web applications. It monitors the HTTP traffic to a given site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script administration area without success many times sets off one rule, sending a request to execute a specific file which may result in gaining access to the Internet site triggers a different rule, etc. ModSecurity is one of the best firewalls available and it'll preserve even scripts which aren't updated regularly as it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the conventional logs created by the Apache server, so you can later analyze them and determine whether you need to take extra measures so as to improve the protection of your script-driven sites.

ModSecurity in Website Hosting

ModSecurity can be found with every single website hosting package which we provide and it's turned on by default for any domain or subdomain which you include via your Hepsia Control Panel. In case it interferes with any of your applications or you'd like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with just a mouse click. You could also enable a passive mode, so the firewall will discover possible attacks and keep a log, but won't take any action. You could see comprehensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum security of our customers we use a set of commercial firewall rules blended with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

Any web program that you set up in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall is included with all our hosting packages and is turned on by default for any domain and subdomain which you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area within Hepsia where not only could you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall will not block anything, but it'll still maintain a record of potential attacks. This requires simply a mouse click and you shall be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall uses 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our admins update manually as to respond to newly discovered threats as fast as possible.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web apps shall be secured from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the exact same section and include information about the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For optimum security, we use not only commercial rules from a company working in the field of web security, but also custom ones our admins add personally so as to react to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any program you upload or set up will be secured from the very beginning and you will not need to bother about common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you will find in the logs can help you to secure your sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this info, you can see if an Internet site needs an update, if you ought to block IPs from accessing your server, and so forth. Aside from the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too when they discover a new threat which is not yet in the commercial bundle.