ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks toward web apps. It monitors the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do that - as an example, trying to log in to a script administrator area unsuccessfully many times triggers one rule, sending a request to execute a specific file that may result in accessing the Internet site triggers a different rule, and so on. ModSecurity is among the best firewalls available and it will protect even scripts which are not updated often as it can prevent attackers from using known exploits and security holes. Very comprehensive information about every intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the conventional logs created by the Apache server, so you may later take a look at them and determine if you need to take extra measures in order to improve the protection of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity is supplied with all hosting web servers, so when you decide to host your websites with our firm, they shall be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You will be able to stop ModSecurity for any site if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs using your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the security of our clients' Internet sites seriously, we employ a group of commercial rules which we get from one of the best companies that maintain this sort of rules. Our administrators also add custom rules to make certain that your websites will be shielded from as many risks as possible.

ModSecurity in VPS Hosting

All virtual private servers which are offered with the Hepsia Control Panel come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the machine, so there will not be anything special which you'll have to do to protect your sites. It shall take you simply a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any steps to prevent intrusions. You'll be able to look at the logs created in passive or active mode from the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to handle it, etc. We use a mixture of commercial and custom rules so as to make certain that ModSecurity shall block as many risks as possible, thus boosting the protection of your web apps as much as possible.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any app that you upload or set up will be protected from the very beginning and you'll not have to bother about common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you will discover in the logs can allow you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you could see if a site needs an update, whether you need to block IPs from accessing your web server, and so on. On top of the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well when they find a new threat that is not yet included in the commercial bundle.