ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks against web apps. It tracks the HTTP traffic to a given site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to accomplish that - for instance, attempting to log in to a script administrator area without success several times triggers one rule, sending a request to execute a certain file which could result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls available and it will secure even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly thorough info about each and every intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the regular logs provided by the Apache server, so you could later examine them and determine if you need to take extra measures in order to enhance the safety of your script-driven sites.

ModSecurity in Shared Website Hosting

ModSecurity is available on all shared website hosting servers, so when you opt to host your sites with our business, they'll be shielded from a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the protection of our clients' Internet sites seriously, we use a group of commercial rules that we get from one of the top companies which maintain this sort of rules. Our administrators also include custom rules to make sure that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your Internet sites with us, there will not be anything special you'll need to do since the firewall is switched on by default for all domains and subdomains that you include through your hosting CP. If needed, you could disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall will still work and record info, but shall not do anything to stop potential attacks against your sites. Comprehensive logs shall be readily available inside your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etc. We use two sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our admins often add to respond to newly discovered threats promptly.

ModSecurity in VPS Hosting

Safety is extremely important to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not need to do anything personally. You will also be able to disable it or activate the so-called detection mode, so it shall keep a log of potential attacks which you can later study, but won't block them. The logs in both passive and active modes include details about the type of the attack and how it was eliminated, what IP address it came from and other important information which might help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules as occasionally we identify specific attacks which are not yet present within the commercial pack. That way, we can improve the protection of your Virtual private server right away rather than waiting for an official update.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it because it's switched on by default whenever you include a new domain or subdomain on your server. In the event that it interferes with any of your programs, you shall be able to stop it through the respective section of Hepsia, or you may leave it operating in passive mode, so it will detect attacks and shall still keep a log for them, but shall not block them. You can examine the logs later to determine what you can do to increase the protection of your websites since you will find information such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules that we use are commercial, thus they're constantly updated by a security company, but to be on the safe side, our admins also add custom rules from time to time as to respond to any new threats they have identified.