ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks against web apps. It tracks the HTTP traffic to a specific website in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - for example, attempting to log in to a script admin area unsuccessfully many times sets off one rule, sending a request to execute a certain file which could result in gaining access to the Internet site triggers a different rule, etc. ModSecurity is among the best firewalls available and it'll protect even scripts which aren't updated frequently since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive info about each intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs generated by the Apache server, so you could later examine them and determine whether you need to take more measures so as to boost the security of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity is available with every single shared hosting plan which we provide and it is activated by default for any domain or subdomain which you add through your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for whatever reason, you will be able to achieve that through the ModSecurity section of Hepsia with simply a mouse click. You may also enable a passive mode, so the firewall will recognize potential attacks and maintain a log, but will not take any action. You can see comprehensive logs in the same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum safety of our clients we use a group of commercial firewall rules mixed with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity as a standard within all semi-dedicated server plans, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a mouse click. You shall also have the ability to activate a passive detection mode with which ModSecurity shall keep a log of potential attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack caused, where it originated from, etcetera. The list of rules which we employ is constantly updated as to match any new risks which might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones which our administrators add in the event that they discover a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be turned on automatically for every new domain or subdomain that you include on the hosting server. This way, any web application that you install will be secured immediately without doing anything personally on your end. The firewall could be handled from the section of the CP which bears the same name. This is the location in whichyou'll be able to disable ModSecurity or let its passive mode, so it shall not take any action against threats, but will still keep a thorough log. The recorded information is available in the same area as well and you shall be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we employ on our servers are a mixture between commercial ones which we get from a security firm and custom ones which are included by our administrators to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

If you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps will be secured right from the start since ModSecurity is provided with all Hepsia-based plans. You'll be able to control the firewall easily and if needed, you shall be able to turn it off or switch on its passive mode when it shall only maintain a log of what is happening without taking any action to prevent potential attacks. The logs which you'll find inside the very same section of the Control Panel are really detailed and include data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This data shall enable you to take measures and increase the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins include when they recognize attacks that haven't yet been included within the commercial pack.