ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks against web apps. It monitors the HTTP traffic to a certain site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administrator area without success many times sets off one rule, sending a request to execute a particular file that could result in gaining access to the Internet site triggers another rule, etc. ModSecurity is among the best firewalls available on the market and it'll preserve even scripts that aren't updated frequently as it can prevent attackers from using known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the conventional logs provided by the Apache server, so you may later analyze them and decide if you need to take more measures so as to improve the safety of your script-driven sites.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting solutions, so your Internet applications will be resistant to malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover in Hepsia are very detailed and include information about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, and so forth. We use a range of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with our company, there will not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you add using your hosting Control Panel. If required, you could disable ModSecurity for a particular Internet site or turn on the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to stop possible attacks against your websites. Thorough logs shall be readily available inside your Control Panel and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etcetera. We use 2 sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones that our administrators occasionally include to respond to newly found threats on time.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web applications will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a click from the corresponding section of Hepsia. You can also set it to function in detection mode, so it will maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available within the same section and offer info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For maximum security, we use not simply commercial rules from a firm working in the field of web security, but also custom ones which our administrators add personally so as to respond to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

If you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected immediately as ModSecurity is provided with all Hepsia-based plans. You'll be able to regulate the firewall with ease and if needed, you will be able to turn it off or enable its passive mode when it'll only keep a log of what is taking place without taking any action to prevent potential attacks. The logs which you'll find within the same section of the Control Panel are quite detailed and include info about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This info will allow you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins add every time they detect attacks that have not yet been included in the commercial pack.