ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks towards web applications. It keeps track of the HTTP traffic to a specific website in real time and stops any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script admin area unsuccessfully several times activates one rule, sending a request to execute a certain file which could result in gaining access to the site triggers a different rule, etc. ModSecurity is amongst the best firewalls available on the market and it'll secure even scripts that aren't updated often because it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the regular logs generated by the Apache server, so you can later examine them and decide if you need to take additional measures so as to enhance the safety of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting servers, so when you decide to host your sites with our business, they shall be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view specific logs from your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the security of our clients' Internet sites very seriously, we use a group of commercial rules that we take from one of the top firms that maintain this kind of rules. Our admins also add custom rules to make sure that your Internet sites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity as a standard in all semi-dedicated hosting products, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will allow you to enable or disable the firewall for any Internet site with a click. You shall also have the ability to switch on a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack caused, where it originated from, and so forth. The list of rules which we use is frequently updated in order to match any new threats which might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators add in the event that they find a threat which is not present inside the commercial list yet.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web applications shall be protected from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a click of your mouse from the corresponding section of Hepsia. You can also set it to work in detection mode, so it shall maintain a comprehensive log of any potential attacks without taking any action to stop them. The logs are available within the exact same section and offer information about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For best security, we employ not just commercial rules from a company working in the field of web security, but also custom ones our admins include personally so as to respond to new threats that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you will not need to do anything specific on your end to employ it since it is activated by default every time you include a new domain or subdomain on your server. In the event that it disrupts any of your apps, you shall be able to stop it through the respective part of Hepsia, or you can leave it working in passive mode, so it will detect attacks and shall still maintain a log for them, but shall not stop them. You'll be able to analyze the logs later to learn what you can do to improve the safety of your Internet sites as you shall find information such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, etc. The rules which we use are commercial, therefore they are constantly updated by a security company, but to be on the safe side, our admins also add custom rules once in a while as to deal with any new threats they have identified.