ModSecurity is an effective firewall for Apache web servers that is employed to stop attacks toward web apps. It monitors the HTTP traffic to a certain website in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - for instance, attempting to log in to a script administrator area unsuccessfully many times activates one rule, sending a request to execute a certain file that may result in getting access to the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls available and it'll secure even scripts that aren't updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Quite detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs created by the Apache server, so you can later take a look at them and determine if you need to take more measures in order to increase the security of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity is provided with all cloud website hosting web servers, so when you opt to host your websites with our firm, they shall be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you shall have to do on your end. You will be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our clients' sites very seriously, we use a group of commercial rules which we take from one of the leading firms that maintain such rules. Our administrators also add custom rules to make sure that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity by default inside all semi-dedicated server packages, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any website with a click. You shall also be able to switch on a passive detection mode in which ModSecurity will maintain a log of possible attacks without actually preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so forth. The list of rules we use is constantly updated in order to match any new risks that might appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones which our admins include in the event that they find a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting Control Panel, so your web programs will be secured from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a click of your mouse from the corresponding section of Hepsia. You could also set it to work in detection mode, so it will maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the exact same section and include info about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we employ not simply commercial rules from a business working in the field of web security, but also custom ones our admins add manually in order to respond to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

If you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web programs will be protected immediately because ModSecurity is available with all Hepsia-based solutions. You'll be able to manage the firewall with ease and if needed, you shall be able to turn it off or activate its passive mode when it shall only keep a log of what is occurring without taking any action to stop possible attacks. The logs which you can find within the exact same section of the Control Panel are really detailed and feature details about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This info will allow you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators include when they detect attacks which have not yet been included inside the commercial pack.