ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks towards web applications. It monitors the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do this - as an example, attempting to log in to a script admin area unsuccessfully several times triggers one rule, sending a request to execute a specific file that could result in gaining access to the site triggers a different rule, and so on. ModSecurity is one of the best firewalls out there and it'll preserve even scripts which aren't updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Very comprehensive data about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the standard logs generated by the Apache server, so you can later examine them and decide whether you need to take additional measures in order to boost the safety of your script-driven Internet sites.

ModSecurity in Website Hosting

We provide ModSecurity with all website hosting plans, so your Internet apps will be resistant to destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you shall be able to stop it through the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall find in Hepsia are very detailed and feature data about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We use a set of commercial rules that are constantly updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you opt to host your websites with us, there won't be anything special you will have to do since the firewall is turned on by default for all domains and subdomains that you include using your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular Internet site or enable the so-called detection mode in which case the firewall shall still operate and record data, but will not do anything to stop potential attacks on your Internet sites. Thorough logs will be readily available in your Control Panel and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etc. We use two types of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones that our administrators occasionally include to respond to newly found risks promptly.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it'll be turned on automatically for every new domain or subdomain that you include on the machine. This way, any web app which you install shall be protected from the very beginning without doing anything manually on your end. The firewall may be handled from the section of the Control Panel that bears the same name. This is the area whereyou can switch off ModSecurity or let its passive mode, so it will not take any action against threats, but will still keep a comprehensive log. The recorded data is available in the same area as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we use on our servers are a combination between commercial ones we obtain from a security organization and custom ones which are included by our staff to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you will not need to do anything specific on your end to employ it since it is enabled by default whenever you add a new domain or subdomain on your server. In case it interferes with some of your apps, you'll be able to stop it via the respective area of Hepsia, or you could leave it operating in passive mode, so it shall detect attacks and will still maintain a log for them, but shall not prevent them. You may analyze the logs later to find out what you can do to increase the protection of your sites as you shall find information such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity reacted, etc. The rules we use are commercial, therefore they are frequently updated by a security company, but to be on the safe side, our admins also include custom rules once in a while in order to react to any new threats they have found.