ModSecurity is a highly effective firewall for Apache web servers which is used to prevent attacks against web apps. It keeps track of the HTTP traffic to a certain Internet site in real time and blocks any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do this - as an example, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a certain file which may result in accessing the website triggers a different rule, and so on. ModSecurity is among the best firewalls out there and it'll protect even scripts that aren't updated regularly because it can prevent attackers from employing known exploits and security holes. Quite thorough info about each and every intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the conventional logs generated by the Apache server, so you can later examine them and determine whether you need to take additional measures in order to boost the safety of your script-driven Internet sites.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting plans which we provide and it'll be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and disable it with just a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall feature comprehensive information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security company and custom ones which our system administrators add in case that they detect a new type of attacks. That way, the Internet sites which you host here will be far more secure with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with our company, there shall not be anything special you will have to do since the firewall is switched on by default for all domains and subdomains which you add through your hosting CP. If needed, you can disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall shall still work and record info, but won't do anything to prevent potential attacks against your Internet sites. Detailed logs shall be available in your CP and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We employ two kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones that our administrators often add to respond to newly discovered threats on time.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting Control Panel, so your web programs shall be secured from the second your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you could deactivate it with a mouse click through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs can be found within the very same section and include information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For maximum security, we use not only commercial rules from a firm operating in the field of web security, but also custom ones which our admins include manually in order to respond to new risks which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Hosting

If you decide to host your websites on a dedicated server with the Hepsia CP, your web apps shall be secured right from the start because ModSecurity is provided with all Hepsia-based solutions. You shall be able to control the firewall with ease and if necessary, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's going on without taking any action to prevent possible attacks. The logs that you will find in the same section of the CP are very detailed and contain info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so on. This data shall allow you to take measures and enhance the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our admins include when they detect attacks that have not yet been included in the commercial pack.