ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks against web applications. It monitors the HTTP traffic to a particular site in real time and blocks any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do that - for example, trying to log in to a script administration area without success many times sets off one rule, sending a request to execute a particular file that could result in gaining access to the Internet site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls around and it'll preserve even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Very thorough data about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the conventional logs generated by the Apache server, so you can later examine them and determine whether you need to take more measures in order to improve the safety of your script-driven websites.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting servers, so if you choose to host your Internet sites with our firm, they'll be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall need to do on your end. You will be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our clients' Internet sites seriously, we use a selection of commercial rules that we get from one of the best companies that maintain this type of rules. Our administrators also add custom rules to make sure that your websites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity as a standard in all semi-dedicated hosting packages, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any website with a mouse click. You'll also have the ability to activate a passive detection mode in which ModSecurity will keep a log of potential attacks without actually preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, etc. The list of rules that we use is regularly updated as to match any new risks that could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our administrators add in case they discover a threat that's not present in the commercial list yet.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting Control Panel, so your web programs will be secured from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You can also set it to work in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found in the same section and include details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For best security, we employ not simply commercial rules from a firm operating in the field of web security, but also custom ones which our administrators include manually so as to react to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any app that you upload or set up shall be protected from the very beginning and you'll not need to worry about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you'll see in the logs can easily allow you to to secure your sites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, etc. With this information, you'll be able to see if a site needs an update, whether you ought to block IPs from accessing your hosting server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our admins include custom ones too if they find a new threat which is not yet in the commercial bundle.