ModSecurity is a powerful firewall for Apache web servers that's used to prevent attacks toward web apps. It tracks the HTTP traffic to a particular site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do that - for instance, attempting to log in to a script administration area without success many times sets off one rule, sending a request to execute a specific file that could result in gaining access to the site triggers another rule, and so on. ModSecurity is amongst the best firewalls available on the market and it will secure even scripts which are not updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs created by the Apache server, so you may later take a look at them and determine whether you need to take additional measures so as to enhance the protection of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity can be found with every single shared hosting package that we provide and it is activated by default for every domain or subdomain which you add through your Hepsia Control Panel. In case it disrupts any of your applications or you'd like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with just a mouse click. You can also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You can view extensive logs in the very same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum protection of our customers we use a group of commercial firewall rules combined with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer include ModSecurity and given that the firewall is turned on by default, any Internet site which you build under a domain or a subdomain shall be secured right away. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still identify possible attacks and will keep all data in a log as if it were completely active. The logs can be found in the very same section of the Control Panel and they include specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules which we employ on our servers are a mix of commercial ones from a security business and custom ones created by our system administrators. For that reason, we offer higher security for your web programs as we can protect them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Servers

Security is very important to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything by hand. You shall also be able to disable it or turn on the so-called detection mode, so it will maintain a log of possible attacks you can later examine, but won't stop them. The logs in both passive and active modes contain info regarding the kind of the attack and how it was prevented, what IP address it originated from and other valuable data which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules since occasionally we discover specific attacks that are not yet present inside the commercial package. That way, we can easily enhance the protection of your VPS immediately instead of waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you won't need to do anything specific on your end to employ it as it's turned on by default every time you add a new domain or subdomain on your hosting server. If it disrupts some of your apps, you will be able to stop it via the respective area of Hepsia, or you can leave it working in passive mode, so it shall identify attacks and shall still maintain a log for them, but shall not block them. You could analyze the logs later to determine what you can do to boost the security of your websites as you'll find info such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, and so on. The rules that we employ are commercial, therefore they're constantly updated by a security company, but to be on the safe side, our administrators also include custom rules from time to time in order to deal with any new threats they have discovered.