ModSecurity is an efficient firewall for Apache web servers which is employed to stop attacks towards web applications. It monitors the HTTP traffic to a certain website in real time and blocks any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a particular file that may result in gaining access to the website triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it'll protect even scripts which aren't updated often since it can prevent attackers from using known exploits and security holes. Incredibly thorough information about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the regular logs generated by the Apache server, so you can later analyze them and decide if you need to take more measures in order to boost the safety of your script-driven sites.

ModSecurity in Cloud Website Hosting

ModSecurity is available with every cloud website hosting package which we provide and it is switched on by default for any domain or subdomain which you add through your Hepsia CP. If it interferes with any of your applications or you would like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with merely a mouse click. You may also enable a passive mode, so the firewall will discover possible attacks and keep a log, but shall not take any action. You could see detailed logs in the same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum protection of our clients we use a collection of commercial firewall rules combined with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity as a standard in all semi-dedicated hosting plans, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any site with a mouse click. You will also have the ability to turn on a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually stopping them. The thorough logs contain the nature of the attack and what ModSecurity response that attack caused, where it came from, and so forth. The list of rules that we use is regularly updated in order to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our administrators include if they discover a threat that is not present inside the commercial list yet.

ModSecurity in VPS Hosting

Security is extremely important to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia CP as a standard. The firewall can be managed through a dedicated section inside Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you won't have to do anything manually. You'll also be able to disable it or switch on the so-called detection mode, so it will keep a log of possible attacks which you can later examine, but shall not stop them. The logs in both passive and active modes include details regarding the form of the attack and how it was stopped, what IP it originated from and other valuable information that may help you to tighten the security of your websites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules as every now and then we detect specific attacks which are not yet present in the commercial package. That way, we could increase the security of your Virtual private server right away instead of awaiting a certified update.

ModSecurity in Dedicated Web Hosting

If you decide to host your websites on a dedicated server with the Hepsia CP, your web apps will be secured immediately since ModSecurity is provided with all Hepsia-based plans. You shall be able to control the firewall with ease and if required, you shall be able to turn it off or enable its passive mode when it will only keep a log of what is going on without taking any action to stop possible attacks. The logs which you'll find in the very same section of the Control Panel are incredibly detailed and contain details about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etcetera. This information will permit you to take measures and boost the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our administrators include when they recognize attacks which have not yet been included in the commercial pack.