ModSecurity is a highly effective firewall for Apache web servers which is employed to prevent attacks toward web apps. It tracks the HTTP traffic to a given site in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - for example, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a particular file that could result in accessing the website triggers another rule, and so forth. ModSecurity is one of the best firewalls around and it will preserve even scripts that aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Very detailed info about every intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the standard logs created by the Apache server, so you can later examine them and determine if you need to take additional measures in order to boost the safety of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity is offered with every single cloud hosting solution that we provide and it is activated by default for any domain or subdomain which you include through your Hepsia Control Panel. In case it disrupts any of your apps or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with only a mouse click. You can also enable a passive mode, so the firewall will recognize possible attacks and maintain a log, but won't take any action. You could see detailed logs in the exact same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max protection of our customers we use a group of commercial firewall rules blended with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Hosting

Any web program that you install within your new semi-dedicated hosting account will be protected by ModSecurity as the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not simply could you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't block anything, but it'll still maintain a record of possible attacks. This takes just a mouse click and you'll be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall uses two sets of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our administrators update manually in order to respond to newly discovered threats immediately.

ModSecurity in VPS Web Hosting

ModSecurity comes with all Hepsia-based virtual private servers which we offer and it shall be turned on automatically for every new domain or subdomain that you include on the hosting server. This way, any web application which you install will be protected right from the start without doing anything manually on your end. The firewall could be handled via the section of the CP that has the same name. This is the location whereyou'll be able to turn off ModSecurity or enable its passive mode, so it shall not take any action toward threats, but shall still maintain a comprehensive log. The recorded information is available inside the same section as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a mix between commercial ones which we obtain from a security firm and custom ones which are included by our staff to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you will not need to do anything specific on your end to use it because it's activated by default every time you add a new domain or subdomain on your hosting server. In case it disrupts any of your programs, you shall be able to stop it via the respective area of Hepsia, or you could leave it in passive mode, so it will recognize attacks and will still keep a log for them, but will not stop them. You could analyze the logs later to find out what you can do to boost the security of your sites since you'll find info such as where an intrusion attempt came from, what website was attacked and based on what rule ModSecurity responded, etc. The rules we use are commercial, hence they're constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules every now and then as to react to any new threats they have discovered.