ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks toward web apps. It tracks the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script admin area without success a few times sets off one rule, sending a request to execute a particular file which could result in getting access to the Internet site triggers a different rule, etcetera. ModSecurity is among the best firewalls available and it will protect even scripts that are not updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the conventional logs provided by the Apache server, so you can later analyze them and decide if you need to take extra measures in order to increase the safety of your script-driven Internet sites.

ModSecurity in Shared Website Hosting

We provide ModSecurity with all shared website hosting packages, so your Internet apps will be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you'll discover inside Hepsia are quite detailed and offer information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We employ a set of commercial rules which are often updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer include ModSecurity and since the firewall is enabled by default, any website you build under a domain or a subdomain shall be secured straight away. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to stop and start the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all data in a log as if it were fully active. The logs can be found inside the same section of the Control Panel and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we employ on our machines are a mix of commercial ones from a security business and custom ones developed by our system admins. Therefore, we provide increased security for your web apps as we can protect them from attacks before security businesses release updates for completely new threats.

ModSecurity in Dedicated Servers Hosting

If you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web programs will be protected right away since ModSecurity is available with all Hepsia-based solutions. You will be able to manage the firewall without difficulty and if necessary, you'll be able to turn it off or activate its passive mode when it'll only maintain a log of what is happening without taking any action to prevent potential attacks. The logs that you'll find within the very same section of the Control Panel are very detailed and contain data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etc. This information shall enable you to take measures and increase the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our admins include when they recognize attacks that haven't yet been included inside the commercial pack.