ModSecurity is a highly effective firewall for Apache web servers which is employed to prevent attacks toward web apps. It monitors the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - for example, trying to log in to a script administration area without success many times sets off one rule, sending a request to execute a specific file that may result in gaining access to the website triggers a different rule, etcetera. ModSecurity is amongst the best firewalls out there and it'll secure even scripts that are not updated regularly because it can prevent attackers from employing known exploits and security holes. Very detailed info about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs generated by the Apache server, so you could later analyze them and decide whether you need to take additional measures so as to increase the security of your script-driven sites.

ModSecurity in Hosting

ModSecurity is supplied with all hosting machines, so if you opt to host your sites with our company, they will be shielded from an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You will be able to stop ModSecurity for any site if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view specific logs via your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our clients' Internet sites seriously, we employ a selection of commercial rules which we take from one of the top companies that maintain this sort of rules. Our administrators also include custom rules to make certain that your websites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and because the firewall is switched on by default, any Internet site which you set up under a domain or a subdomain shall be protected right away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any website or activate a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all data inside a log as if it were fully active. The logs could be found in the exact same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we employ on our web servers are a mix of commercial ones from a security company and custom ones developed by our system admins. Consequently, we offer higher security for your web apps as we can shield them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it'll be switched on automatically for any new domain or subdomain which you add on the hosting server. In this way, any web application you install shall be secured from the very beginning without doing anything personally on your end. The firewall may be managed via the section of the CP that bears the same name. This is the location in whichyou'll be able to turn off ModSecurity or enable its passive mode, so it shall not take any action against threats, but shall still maintain a detailed log. The recorded information is available inside the same section as well and you shall be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we employ on our servers are a blend between commercial ones that we obtain from a security organization and custom ones that are included by our staff to enhance the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program you upload or set up will be secured from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you shall find in the logs shall allow you to to secure your Internet sites better - the IP address an attack came from, what site was attacked and how, what ModSecurity rule was triggered, and so forth. With this data, you'll be able to see if an Internet site needs an update, whether you need to block IPs from accessing your web server, and so forth. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too when they discover a new threat that's not yet a part of the commercial bundle.