ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a certain site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to accomplish that - for instance, trying to log in to a script admin area without success a few times triggers one rule, sending a request to execute a specific file which may result in accessing the website triggers a different rule, and so forth. ModSecurity is one of the best firewalls available and it will secure even scripts that are not updated often because it can prevent attackers from using known exploits and security holes. Very comprehensive data about every intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the regular logs generated by the Apache server, so you may later take a look at them and decide if you need to take additional measures in order to enhance the protection of your script-driven Internet sites.

ModSecurity in Website Hosting

ModSecurity is available with every website hosting solution which we offer and it's activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In case it interferes with any of your apps or you'd like to disable it for some reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with just a mouse click. You can also enable a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You can see extensive logs in the exact same section, including the IP address where the attack came from, what exactly the attacker tried to do and at what time, what ModSecurity did, etc. For optimum safety of our clients we use a collection of commercial firewall rules mixed with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer feature ModSecurity and since the firewall is enabled by default, any website you create under a domain or a subdomain will be protected immediately. An independent section inside the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still detect possible attacks and will keep all information in a log as if it were completely active. The logs could be found inside the exact same section of the CP and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we employ on our servers are a mix between commercial ones from a security company and custom ones made by our system admins. For that reason, we offer higher security for your web apps as we can protect them from attacks even before security companies release updates for new threats.

ModSecurity in VPS Hosting

All virtual private servers which are provided with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the machine, so there shall not be anything special that you shall have to do to protect your websites. It shall take you simply a click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any steps to stop intrusions. You will be able to view the logs created in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall employed to handle it, etcetera. We employ a mix of commercial and custom rules in order to ensure that ModSecurity will stop as many risks as possible, hence increasing the security of your web programs as much as possible.

ModSecurity in Dedicated Web Hosting

When you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web programs will be secured straight away as ModSecurity is supplied with all Hepsia-based solutions. You will be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or enable its passive mode when it shall only keep a log of what's happening without taking any action to stop potential attacks. The logs that you will find in the same section of the CP are incredibly detailed and feature data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This info will allow you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators add every time they detect attacks that haven't yet been included in the commercial pack.