ModSecurity is an effective firewall for Apache web servers that is used to prevent attacks towards web apps. It monitors the HTTP traffic to a specific site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - as an example, trying to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a certain file which may result in gaining access to the Internet site triggers another rule, etcetera. ModSecurity is among the best firewalls available and it'll secure even scripts that aren't updated frequently since it can prevent attackers from using known exploits and security holes. Very detailed data about every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the standard logs provided by the Apache server, so you may later examine them and decide whether you need to take more measures in order to boost the security of your script-driven sites.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your Internet applications will be shielded from harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you will be able to stop it using the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover in Hepsia are quite detailed and feature information about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, and so forth. We employ a group of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web app you set up inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting solutions and is switched on by default for any domain and subdomain that you include or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section in Hepsia where not simply can you activate or deactivate it fully, but you may also activate a passive mode, so the firewall shall not block anything, but it'll still keep an archive of possible attacks. This takes just a click and you'll be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs two groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update manually as to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia CP include ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there won't be anything special which you'll need to do to protect your sites. It will take you just a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any measures to prevent intrusions. You'll be able to look at the logs created in active or passive mode through the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to handle it, etcetera. We use a mixture of commercial and custom rules so as to make sure that ModSecurity shall block as many risks as possible, therefore improving the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

All our dedicated servers which are set up with the Hepsia hosting CP feature ModSecurity, so any application you upload or install will be properly secured from the very beginning and you won't have to bother about common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you shall find in the logs shall allow you to to secure your websites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this information, you could see if a site needs an update, whether you ought to block IPs from accessing your server, and so forth. Aside from the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well when they discover a new threat that is not yet included in the commercial bundle.