ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks toward web apps. It keeps track of the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do this - as an illustration, attempting to log in to a script administration area without success several times sets off one rule, sending a request to execute a particular file which could result in gaining access to the website triggers another rule, and so forth. ModSecurity is amongst the best firewalls available and it will secure even scripts which aren't updated regularly since it can prevent attackers from employing known exploits and security holes. Incredibly thorough data about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the conventional logs provided by the Apache server, so you can later analyze them and decide if you need to take extra measures in order to boost the safety of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity comes by default with all hosting plans which we offer and it'll be activated automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to switch on and disable it with a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your sites shall contain comprehensive information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and comprise of both commercial ones that we get from a third-party security firm and custom ones that our system admins add in case that they detect a new type of attacks. In this way, the Internet sites that you host here will be much more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with us, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains that you include using your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a given site or turn on the so-called detection mode in which case the firewall shall still function and record data, but won't do anything to stop possible attacks against your Internet sites. Comprehensive logs shall be readily available inside your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ 2 sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones which our admins often add to respond to newly discovered risks promptly.

ModSecurity in VPS Web Hosting

All virtual private servers that are set up with the Hepsia CP include ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the server, so there shall not be anything special which you shall have to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if required or to activate its passive mode so that it records what goes on without taking any measures to prevent intrusions. You'll be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall employed to take care of it, and so on. We employ a mixture of commercial and custom rules in order to make sure that ModSecurity will stop as many threats as possible, thus improving the security of your web applications as much as possible.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any app that you upload or install will be protected from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you'll discover in the logs shall allow you to to secure your sites better - the IP an attack came from, what site was attacked and how, what ModSecurity rule was triggered, and so on. With this data, you could see whether an Internet site needs an update, whether you ought to block IPs from accessing your hosting server, and so on. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well if they find a new threat which is not yet a part of the commercial bundle.