ModSecurity is an efficient firewall for Apache web servers that is employed to prevent attacks towards web apps. It tracks the HTTP traffic to a certain website in real time and stops any intrusion attempts the moment it detects them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success many times activates one rule, sending a request to execute a particular file that could result in gaining access to the site triggers a different rule, etcetera. ModSecurity is one of the best firewalls out there and it'll secure even scripts which are not updated frequently since it can prevent attackers from using known exploits and security holes. Very detailed data about each and every intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the conventional logs created by the Apache server, so you may later examine them and decide whether you need to take more measures so as to improve the safety of your script-driven sites.

ModSecurity in Hosting

We offer ModSecurity with all hosting plans, so your web apps will be protected against harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you will be able to stop it through the respective section of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall discover in Hepsia are quite detailed and include info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etc. We employ a set of commercial rules that are often updated, but sometimes our admins include custom rules as well in order to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

Any web program you install within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall comes with all our hosting plans and is activated by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section in Hepsia where not only could you activate or deactivate it completely, but you could also enable a passive mode, so the firewall will not block anything, but it shall still maintain a record of potential attacks. This takes only a mouse click and you'll be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall uses two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually as to respond to newly discovered threats as soon as possible.

ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it shall be activated automatically for any new domain or subdomain that you include on the hosting server. In this way, any web application you install shall be secured right away without doing anything personally on your end. The firewall may be handled from the section of the CP that has the same name. This is the place in whichyou can turn off ModSecurity or activate its passive mode, so it won't take any action toward threats, but shall still maintain a comprehensive log. The recorded information is available within the same section as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we employ on our servers are a combination between commercial ones which we get from a security company and custom ones that are included by our admins to maximize the protection of any web applications hosted on our end.