ModSecurity is an effective firewall for Apache web servers that is used to prevent attacks against web applications. It keeps track of the HTTP traffic to a specific site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to accomplish that - for example, attempting to log in to a script administrator area without success many times activates one rule, sending a request to execute a specific file which could result in getting access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls available on the market and it'll preserve even scripts that aren't updated on a regular basis because it can prevent attackers from using known exploits and security holes. Very comprehensive info about each intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the conventional logs provided by the Apache server, so you can later take a look at them and determine whether you need to take more measures so as to enhance the safety of your script-driven Internet sites.

ModSecurity in Shared Web Hosting

ModSecurity comes standard with all shared web hosting plans which we provide and it'll be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to stop them. The log for any of your websites will include elaborate info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are constantly updated and include both commercial ones we get from a third-party security business and custom ones that our system administrators add in the event that they detect a new sort of attacks. In this way, the Internet sites you host here shall be way more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer come with ModSecurity and because the firewall is enabled by default, any Internet site you set up under a domain or a subdomain shall be secured straight away. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any site or switch on a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still identify possible attacks and will keep all information within a log as if it were 100% active. The logs could be found in the very same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules which we employ on our machines are a mix between commercial ones from a security company and custom ones made by our system administrators. Therefore, we provide increased security for your web programs as we can protect them from attacks before security companies release updates for completely new threats.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting Control Panel, so your web applications will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you'll be able to disable it with a click through the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and include details about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For maximum security, we use not simply commercial rules from a firm working in the field of web security, but also custom ones our administrators add manually in order to react to new risks which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you will not need to do anything specific on your end to employ it as it's activated by default every time you add a new domain or subdomain on your web server. In case it interferes with some of your applications, you'll be able to stop it via the respective section of Hepsia, or you could leave it operating in passive mode, so it will detect attacks and shall still maintain a log for them, but will not stop them. You'll be able to analyze the logs later to determine what you can do to increase the protection of your Internet sites since you shall find info such as where an intrusion attempt came from, what website was attacked and based on what rule ModSecurity reacted, etc. The rules we use are commercial, therefore they're frequently updated by a security company, but to be on the safe side, our administrators also add custom rules from time to time in order to deal with any new threats they have found.