ModSecurity is an effective firewall for Apache web servers that is employed to prevent attacks toward web applications. It monitors the HTTP traffic to a specific website in real time and prevents any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a specific file that could result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is amongst the best firewalls available and it'll preserve even scripts which are not updated often as it can prevent attackers from employing known exploits and security holes. Very comprehensive information about every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the standard logs generated by the Apache server, so you can later take a look at them and decide if you need to take more measures so as to improve the protection of your script-driven Internet sites.

ModSecurity in Cloud Web Hosting

ModSecurity can be found with every single cloud web hosting package that we offer and it is turned on by default for any domain or subdomain that you include through your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for any reason, you shall be able to achieve that through the ModSecurity section of Hepsia with simply a click. You may also enable a passive mode, so the firewall will discover possible attacks and keep a log, but won't take any action. You'll be able to view comprehensive logs in the very same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum safety of our clients we use a group of commercial firewall rules combined with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you opt to host your sites with us, there shall not be anything special you will have to do since the firewall is turned on by default for all domains and subdomains that you include using your hosting CP. If necessary, you'll be able to disable ModSecurity for a given website or switch on the so-called detection mode in which case the firewall will still operate and record information, but will not do anything to prevent potential attacks on your websites. Comprehensive logs will be accessible within your Control Panel and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so forth. We use 2 kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones which our administrators sometimes add to respond to newly found threats promptly.

ModSecurity in VPS Hosting

All virtual private servers that are set up with the Hepsia Control Panel include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there shall not be anything special which you'll have to do to protect your Internet sites. It will take you a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any steps to prevent intrusions. You'll be able to see the logs produced in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to tackle it, etc. We use a mix of commercial and custom rules in order to make sure that ModSecurity will block out as many risks as possible, hence increasing the protection of your web apps as much as possible.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any app which you upload or set up will be secured from the very beginning and you'll not have to bother about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you shall discover in the logs shall allow you to to secure your websites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see whether a site needs an update, whether you ought to block IPs from accessing your server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well every time they find a new threat that is not yet included in the commercial bundle.