ModSecurity is a powerful firewall for Apache web servers that's employed to prevent attacks towards web apps. It monitors the HTTP traffic to a given website in real time and blocks any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script admin area unsuccessfully a few times triggers one rule, sending a request to execute a certain file which could result in accessing the website triggers another rule, and so forth. ModSecurity is amongst the best firewalls around and it'll preserve even scripts that aren't updated regularly because it can prevent attackers from using known exploits and security holes. Very thorough data about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the conventional logs generated by the Apache server, so you can later take a look at them and determine whether you need to take additional measures so as to increase the safety of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity can be found with each and every shared hosting plan that we provide and it is turned on by default for every domain or subdomain that you include via your Hepsia Control Panel. If it interferes with any of your applications or you'd like to disable it for whatever reason, you'll be able to do that through the ModSecurity area of Hepsia with just a click. You may also activate a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You could view extensive logs in the same section, including the IP address where the attack came from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For optimum protection of our clients we use a set of commercial firewall rules blended with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you opt to host your sites with us, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains which you add via your hosting Control Panel. If necessary, you can disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall shall still operate and record information, but won't do anything to stop possible attacks against your websites. Detailed logs shall be accessible inside your CP and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so forth. We use two sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our administrators occasionally add to respond to newly found threats promptly.

ModSecurity in VPS Web Hosting

All virtual private servers which are offered with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the machine, so there will not be anything special which you will have to do to protect your websites. It'll take you simply a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You shall be able to see the logs generated in active or passive mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to deal with it, etcetera. We use a mixture of commercial and custom rules so as to make certain that ModSecurity will prevent as many risks as possible, thus increasing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers Hosting

ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you'll not have to do anything specific on your end to use it since it's switched on by default every time you add a new domain or subdomain on your server. In the event that it disrupts some of your applications, you shall be able to stop it via the respective area of Hepsia, or you can leave it in passive mode, so it will identify attacks and shall still keep a log for them, but shall not stop them. You'll be able to look at the logs later to learn what you can do to improve the safety of your Internet sites since you will find details such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, and so forth. The rules we use are commercial, thus they are frequently updated by a security company, but to be on the safe side, our administrators also include custom rules occasionally as to deal with any new threats they have identified.