ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks towards web apps. It keeps track of the HTTP traffic to a certain website in real time and prevents any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do this - for instance, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a specific file which may result in gaining access to the site triggers a different rule, etcetera. ModSecurity is one of the best firewalls out there and it will preserve even scripts that are not updated often because it can prevent attackers from employing known exploits and security holes. Quite detailed info about each intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs created by the Apache server, so you may later take a look at them and determine whether you need to take extra measures in order to enhance the protection of your script-driven websites.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting plans that we supply and it'll be activated automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites will contain detailed info including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are constantly updated and incorporate both commercial ones we get from a third-party security firm and custom ones that our system administrators include in the event that they detect a new sort of attacks. In this way, the websites that you host here shall be far more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer come with ModSecurity and because the firewall is turned on by default, any website which you set up under a domain or a subdomain will be secured right from the start. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it will still identify possible attacks and shall keep all information in a log as if it were completely active. The logs can be found within the same section of the Control Panel and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules that we use on our servers are a mix of commercial ones from a security company and custom ones made by our system admins. For that reason, we offer greater security for your web apps as we can shield them from attacks even before security companies release updates for new threats.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers that we offer and it'll be turned on automatically for every new domain or subdomain that you include on the hosting server. That way, any web application you install shall be secured right away without doing anything by hand on your end. The firewall can be handled through the section of the Control Panel that has the same name. This is the place whereyou can turn off ModSecurity or enable its passive mode, so it won't take any action towards threats, but will still maintain a detailed log. The recorded info is available in the same section as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a blend between commercial ones which we obtain from a security company and custom ones that are added by our admins to improve the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting CP come with ModSecurity, so any application that you upload or install shall be properly secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you shall discover in the logs can allow you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see if a site needs an update, if you should block IPs from accessing your web server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well whenever they discover a new threat which is not yet a part of the commercial bundle.