ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks towards web applications. It keeps track of the HTTP traffic to a specific site in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to accomplish that - for example, trying to log in to a script admin area unsuccessfully a few times sets off one rule, sending a request to execute a certain file that may result in getting access to the site triggers another rule, etcetera. ModSecurity is amongst the best firewalls around and it'll secure even scripts that are not updated frequently because it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about each intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs created by the Apache server, so you can later analyze them and determine if you need to take additional measures in order to boost the protection of your script-driven Internet sites.

ModSecurity in Cloud Website Hosting

ModSecurity is offered with every cloud website hosting plan which we provide and it is switched on by default for every domain or subdomain that you include through your Hepsia CP. In the event that it interferes with any of your applications or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with only a click. You could also activate a passive mode, so the firewall will recognize potential attacks and keep a log, but won't take any action. You can view comprehensive logs in the same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum safety of our clients we use a group of commercial firewall rules blended with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard inside all semi-dedicated hosting products, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a click. You'll also be able to turn on a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so on. The list of rules that we employ is regularly updated in order to match any new threats which could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our admins add in case they discover a threat that is not present within the commercial list yet.

ModSecurity in VPS Web Hosting

All virtual private servers that are set up with the Hepsia Control Panel feature ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there won't be anything special which you'll have to do to protect your websites. It will take you simply a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what happens without taking any steps to prevent intrusions. You will be able to see the logs generated in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to handle it, and so on. We use a mix of commercial and custom rules in order to make certain that ModSecurity will stop as many threats as possible, thus enhancing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers Hosting

All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or install will be secured from the very beginning and you will not need to concern yourself with common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you shall discover in the logs can allow you to to secure your sites better - the IP address an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this data, you could see whether an Internet site needs an update, whether you need to block IPs from accessing your server, etcetera. On top of the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well every time they find a new threat that's not yet in the commercial bundle.