ModSecurity is a highly effective firewall for Apache web servers which is employed to prevent attacks against web apps. It monitors the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - for instance, attempting to log in to a script admin area unsuccessfully many times sets off one rule, sending a request to execute a certain file which could result in getting access to the website triggers a different rule, etcetera. ModSecurity is one of the best firewalls out there and it will secure even scripts that are not updated often since it can prevent attackers from using known exploits and security holes. Incredibly thorough information about every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the conventional logs provided by the Apache server, so you can later examine them and decide if you need to take extra measures so as to enhance the protection of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting packages which we offer and it shall be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and disable it with a mouse click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to stop them. The log for each of your sites shall include in-depth info including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and include both commercial ones that we get from a third-party security firm and custom ones our system admins add in the event that they detect a new sort of attacks. That way, the Internet sites you host here will be much more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity as a standard in all semi-dedicated server products, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will permit you to enable or disable the firewall for any Internet site with a mouse click. You'll also have the ability to switch on a passive detection mode with which ModSecurity shall keep a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack triggered, where it came from, etc. The list of rules which we employ is constantly updated in order to match any new threats that might appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones that our admins add if they discover a threat that is not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting Control Panel, so your web apps shall be secured from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can disable it with a click through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to prevent them. The logs are available in the same section and offer information about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For maximum security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones which our administrators add manually in order to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any application that you upload or set up shall be protected from the very beginning and you won't need to stress about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can enable you to to secure your websites better - the IP address an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this info, you can see whether a website needs an update, if you ought to block IPs from accessing your hosting server, and so on. On top of the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well if they find a new threat that's not yet a part of the commercial bundle.