ModSecurity is a powerful firewall for Apache web servers that's used to prevent attacks toward web apps. It monitors the HTTP traffic to a particular website in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script admin area unsuccessfully a few times triggers one rule, sending a request to execute a specific file that may result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is among the best firewalls available on the market and it'll protect even scripts that are not updated frequently as it can prevent attackers from using known exploits and security holes. Quite detailed data about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the standard logs provided by the Apache server, so you can later examine them and determine if you need to take extra measures in order to improve the safety of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity is supplied with all cloud website hosting web servers, so if you opt to host your Internet sites with our business, they will be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view detailed logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' Internet sites seriously, we use a collection of commercial rules that we get from one of the top companies which maintain this sort of rules. Our admins also add custom rules to make certain that your websites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

Any web application that you install within your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area within Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall will not stop anything, but it'll still keep an archive of potential attacks. This normally requires only a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so forth. The firewall employs two groups of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update personally as to respond to newly discovered threats at the earliest opportunity.

ModSecurity in VPS Web Hosting

Security is very important to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you won't have to do anything personally. You will also be able to disable it or turn on the so-called detection mode, so it will maintain a log of possible attacks you can later study, but won't block them. The logs in both passive and active modes contain information regarding the type of the attack and how it was prevented, what IP it originated from and other valuable data which might help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules because from time to time we identify specific attacks which are not yet present in the commercial pack. This way, we can easily improve the security of your VPS right away rather than waiting for a certified update.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are set up with the Hepsia hosting CP come with ModSecurity, so any program you upload or install shall be protected from the very beginning and you'll not need to worry about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you will find in the logs can easily help you to secure your sites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this info, you can see if an Internet site needs an update, if you need to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well whenever they come across a new threat that's not yet included in the commercial bundle.