ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks against web apps. It monitors the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do that - for example, trying to log in to a script admin area without success several times activates one rule, sending a request to execute a particular file that may result in getting access to the site triggers another rule, etc. ModSecurity is one of the best firewalls out there and it'll preserve even scripts that aren't updated often since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive info about each intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the standard logs generated by the Apache server, so you can later examine them and decide if you need to take extra measures in order to improve the protection of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity comes by default with all hosting packages which we offer and it will be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and disable it with a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall contain in-depth info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and incorporate both commercial ones which we get from a third-party security company and custom ones our system administrators include in case that they detect a new type of attacks. This way, the websites which you host here will be a lot more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer come with ModSecurity and because the firewall is switched on by default, any Internet site which you create under a domain or a subdomain will be secured right from the start. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still identify possible attacks and shall keep all information in a log as if it were 100% active. The logs can be found within the same section of the CP and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we employ on our servers are a mix of commercial ones from a security business and custom ones made by our system administrators. As a result, we offer higher security for your web applications as we can protect them from attacks even before security firms release updates for brand new threats.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the server, so there won't be anything special that you'll have to do to protect your Internet sites. It'll take you simply a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any actions to stop intrusions. You shall be able to see the logs generated in active or passive mode through the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall employed to tackle it, etc. We use a mixture of commercial and custom rules in order to make sure that ModSecurity shall prevent as many risks as possible, thus enhancing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it since it's switched on by default every time you add a new domain or subdomain on your server. In the event that it interferes with some of your applications, you will be able to stop it via the respective section of Hepsia, or you may leave it operating in passive mode, so it'll detect attacks and will still keep a log for them, but will not block them. You could analyze the logs later to learn what you can do to improve the security of your sites since you will find information such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, and so forth. The rules which we employ are commercial, thus they are regularly updated by a security company, but to be on the safe side, our administrators also add custom rules once in a while as to react to any new threats they have discovered.