ModSecurity is a highly effective firewall for Apache web servers that is used to stop attacks towards web applications. It tracks the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - as an example, trying to log in to a script admin area without success several times triggers one rule, sending a request to execute a particular file which may result in gaining access to the website triggers another rule, and so forth. ModSecurity is amongst the best firewalls out there and it will secure even scripts that aren't updated frequently because it can prevent attackers from using known exploits and security holes. Quite thorough data about each and every intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs generated by the Apache server, so you may later examine them and decide if you need to take additional measures so as to boost the security of your script-driven Internet sites.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting plans, so your web apps will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall discover inside Hepsia are very detailed and offer info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etc. We employ a group of commercial rules which are often updated, but sometimes our admins add custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you decide to host your sites with us, there will not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains that you include via your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a given Internet site or activate the so-called detection mode in which case the firewall shall still work and record info, but won't do anything to stop potential attacks against your sites. Thorough logs will be accessible within your CP and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etcetera. We use two types of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones which our administrators occasionally add to respond to newly identified threats in a timely manner.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web programs will be secured from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to disable it with a click of your mouse from the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available inside the very same section and offer info about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones that our administrators add personally so as to respond to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to use it as it's activated by default each time you include a new domain or subdomain on your web server. If it interferes with any of your apps, you'll be able to stop it through the respective section of Hepsia, or you may leave it in passive mode, so it shall recognize attacks and will still maintain a log for them, but shall not stop them. You may analyze the logs later to find out what you can do to increase the protection of your websites since you shall find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, and so on. The rules that we use are commercial, thus they are constantly updated by a security company, but to be on the safe side, our admins also add custom rules from time to time in order to react to any new threats they have discovered.