ModSecurity is a highly effective firewall for Apache web servers that is used to stop attacks towards web apps. It monitors the HTTP traffic to a specific site in real time and stops any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script administration area without success several times activates one rule, sending a request to execute a specific file that could result in gaining access to the site triggers another rule, etcetera. ModSecurity is amongst the best firewalls out there and it'll preserve even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Very thorough data about every intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the conventional logs generated by the Apache server, so you can later examine them and decide if you need to take additional measures in order to boost the safety of your script-driven websites.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting plans that we supply and it shall be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and disable it with a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your sites shall contain detailed information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and comprise of both commercial ones that we get from a third-party security business and custom ones which our system administrators include in the event that they detect a new type of attacks. In this way, the Internet sites you host here shall be way more protected without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and because the firewall is switched on by default, any website you create under a domain or a subdomain shall be protected right from the start. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still detect possible attacks and shall keep all info inside a log as if it were fully active. The logs could be found inside the same section of the CP and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we employ on our servers are a mix between commercial ones from a security business and custom ones created by our system administrators. As a result, we provide increased security for your web applications as we can defend them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia CP feature ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the server, so there shall not be anything special which you'll need to do to protect your Internet sites. It shall take you simply a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any steps to stop intrusions. You shall be able to view the logs generated in passive or active mode through the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to handle it, and so on. We employ a mix of commercial and custom rules so as to make sure that ModSecurity shall block out as many risks as possible, therefore boosting the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any app you upload or set up will be secured from the very beginning and you won't need to worry about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you'll find in the logs can easily allow you to to secure your sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this info, you could see if an Internet site needs an update, if you ought to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity we use, our admins add custom ones too whenever they discover a new threat that's not yet included in the commercial bundle.