ModSecurity is a powerful firewall for Apache web servers that is used to prevent attacks toward web apps. It monitors the HTTP traffic to a given site in real time and prevents any intrusion attempts the instant it discovers them. The firewall uses a set of rules to accomplish that - as an illustration, trying to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a certain file that could result in gaining access to the website triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it'll preserve even scripts that are not updated regularly since it can prevent attackers from using known exploits and security holes. Very comprehensive info about every single intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the standard logs provided by the Apache server, so you can later analyze them and decide if you need to take more measures so as to enhance the security of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting servers, so if you choose to host your sites with our organization, they shall be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs via your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the protection of our customers' sites very seriously, we employ a selection of commercial rules which we get from one of the best companies that maintain this kind of rules. Our administrators also add custom rules to make sure that your sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer feature ModSecurity and because the firewall is switched on by default, any Internet site that you set up under a domain or a subdomain shall be secured right from the start. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any website or enable a detection mode. With the last option, ModSecurity won't take any action, but it will still recognize possible attacks and will keep all info in a log as if it were completely active. The logs could be found inside the exact same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules which we employ on our machines are a mix of commercial ones from a security firm and custom ones created by our system admins. Consequently, we provide increased security for your web programs as we can defend them from attacks even before security corporations release updates for new threats.

ModSecurity in VPS

Protection is very important to us, so we install ModSecurity on all virtual private servers that are set up with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you include a new domain or create a subdomain, so you won't need to do anything personally. You shall also be able to disable it or activate the so-called detection mode, so it will maintain a log of potential attacks you can later analyze, but will not prevent them. The logs in both passive and active modes offer info about the type of the attack and how it was stopped, what IP it came from and other valuable information that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules as every now and then we discover specific attacks which are not yet present inside the commercial pack. This way, we can enhance the protection of your VPS instantly rather than waiting for a certified update.

ModSecurity in Dedicated Hosting

When you decide to host your websites on a dedicated server with the Hepsia CP, your web applications shall be protected right from the start since ModSecurity is available with all Hepsia-based packages. You'll be able to manage the firewall easily and if required, you will be able to turn it off or enable its passive mode when it'll only keep a log of what's happening without taking any action to prevent possible attacks. The logs that you'll find within the exact same section of the Control Panel are really detailed and contain data about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This data shall allow you to take measures and boost the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators include every time they recognize attacks that have not yet been included within the commercial pack.