ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks towards web applications. It keeps track of the HTTP traffic to a specific website in real time and prevents any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administrator area without success many times activates one rule, sending a request to execute a certain file that may result in getting access to the website triggers a different rule, and so forth. ModSecurity is among the best firewalls out there and it'll protect even scripts which aren't updated often as it can prevent attackers from using known exploits and security holes. Quite comprehensive information about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs provided by the Apache server, so you could later examine them and decide whether you need to take additional measures so as to enhance the security of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

ModSecurity is offered with every single shared website hosting package which we offer and it is switched on by default for every domain or subdomain which you add via your Hepsia Control Panel. If it interferes with any of your applications or you would like to disable it for some reason, you will be able to do this through the ModSecurity section of Hepsia with just a click. You may also use a passive mode, so the firewall will recognize possible attacks and keep a log, but will not take any action. You'll be able to see detailed logs in the same section, including the IP address where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etcetera. For optimum security of our clients we use a group of commercial firewall rules combined with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web app that you install within your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting plans and is turned on by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not only can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall shall not block anything, but it shall still maintain a record of possible attacks. This takes just a click and you will be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, and so on. The firewall employs two groups of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update manually in order to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there won't be anything special which you will have to do to protect your websites. It will take you only a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any actions to stop intrusions. You will be able to look at the logs created in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so forth. We use a mix of commercial and custom rules in order to ensure that ModSecurity will block out as many threats as possible, consequently increasing the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any program that you upload or install will be properly secured from the very beginning and you'll not have to concern yourself with common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you'll discover in the logs shall allow you to to secure your sites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this information, you'll be able to see whether a site needs an update, whether you need to block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well if they discover a new threat that's not yet in the commercial bundle.