ModSecurity is an efficient firewall for Apache web servers which is employed to stop attacks toward web applications. It tracks the HTTP traffic to a particular website in real time and blocks any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a specific file which could result in getting access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls around and it'll protect even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite comprehensive info about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs generated by the Apache server, so you could later examine them and determine whether you need to take additional measures so as to enhance the safety of your script-driven Internet sites.

ModSecurity in Shared Web Hosting

We provide ModSecurity with all shared web hosting solutions, so your Internet applications shall be resistant to destructive attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are very detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We employ a group of commercial rules that are often updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer feature ModSecurity and given that the firewall is turned on by default, any site that you build under a domain or a subdomain will be protected straight away. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to stop and start the firewall for any site or enable a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all info inside a log as if it were fully active. The logs can be found in the very same section of the CP and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we use on our machines are a mix of commercial ones from a security firm and custom ones made by our system administrators. Consequently, we provide greater security for your web applications as we can shield them from attacks even before security corporations release updates for completely new threats.

ModSecurity in VPS

Protection is of the utmost importance to us, so we install ModSecurity on all virtual private servers that are set up with the Hepsia CP as a standard. The firewall could be managed through a dedicated section inside Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you won't need to do anything personally. You shall also be able to deactivate it or activate the so-called detection mode, so it will maintain a log of potential attacks that you can later examine, but shall not stop them. The logs in both passive and active modes contain information about the type of the attack and how it was prevented, what IP it came from and other valuable information which could help you to tighten the security of your websites by updating them or blocking IPs, for instance. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also use our own rules because from time to time we detect specific attacks that aren't yet present inside the commercial pack. This way, we can easily enhance the security of your VPS promptly instead of awaiting a certified update.

ModSecurity in Dedicated Hosting

When you opt to host your websites on a dedicated server with the Hepsia CP, your web programs will be secured immediately since ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall easily and if needed, you shall be able to turn it off or enable its passive mode when it shall only keep a log of what is happening without taking any action to prevent possible attacks. The logs that you'll find in the exact same section of the CP are really detailed and include details about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This information will enable you to take measures and boost the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff include when they detect attacks that haven't yet been included inside the commercial pack.