ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks toward web apps. It keeps track of the HTTP traffic to a specific Internet site in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a certain file that may result in gaining access to the website triggers a different rule, and so forth. ModSecurity is among the best firewalls available and it'll preserve even scripts which are not updated regularly as it can prevent attackers from using known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall maintains are much more specific than the standard logs created by the Apache server, so you can later take a look at them and determine if you need to take additional measures in order to boost the security of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting solutions that we supply and it shall be activated automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your sites shall include in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and comprise of both commercial ones we get from a third-party security firm and custom ones that our system administrators add in case that they detect a new kind of attacks. That way, the sites you host here will be far more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity by default within all semi-dedicated server plans, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any website with a mouse click. You'll also have the ability to activate a passive detection mode with which ModSecurity will maintain a log of potential attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules we employ is regularly updated in order to match any new threats that may appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones which our admins include if they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia CP come with ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the machine, so there will not be anything special that you will have to do to protect your websites. It will take you simply a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You'll be able to view the logs generated in passive or active mode from the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to deal with it, etc. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity will block out as many risks as possible, therefore increasing the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

When you choose to host your sites on a dedicated server with the Hepsia CP, your web applications will be protected immediately because ModSecurity is available with all Hepsia-based solutions. You will be able to regulate the firewall effortlessly and if needed, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what is happening without taking any action to prevent possible attacks. The logs that you can find inside the very same section of the CP are very detailed and feature info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so on. This data shall enable you to take measures and improve the protection of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators include when they detect attacks which haven't yet been included within the commercial pack.