ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks towards web applications. It tracks the HTTP traffic to a certain website in real time and prevents any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - as an illustration, trying to log in to a script administrator area without success many times sets off one rule, sending a request to execute a specific file that could result in getting access to the website triggers another rule, and so on. ModSecurity is among the best firewalls on the market and it will protect even scripts that are not updated often since it can prevent attackers from using known exploits and security holes. Very comprehensive data about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs provided by the Apache server, so you could later examine them and determine whether you need to take extra measures so as to improve the security of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting solutions that we provide and it shall be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and deactivate it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites will include elaborate info including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and include both commercial ones we get from a third-party security company and custom ones our system admins include in case that they detect a new kind of attacks. This way, the sites you host here shall be way more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web app that you set up inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is included with all our hosting packages and is activated by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall will not stop anything, but it will still keep a record of potential attacks. This requires only a click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall uses 2 groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our admins update personally as to respond to newly discovered risks immediately.

ModSecurity in VPS Hosting

Safety is of the utmost importance to us, so we set up ModSecurity on all virtual private servers that are made available with the Hepsia CP by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not need to do anything personally. You shall also be able to disable it or activate the so-called detection mode, so it'll maintain a log of possible attacks you can later examine, but won't block them. The logs in both passive and active modes include details about the form of the attack and how it was stopped, what IP it originated from and other valuable data that could help you to tighten the security of your sites by updating them or blocking IPs, for example. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules as every now and then we detect specific attacks which aren't yet present inside the commercial pack. That way, we can easily increase the protection of your Virtual private server in a timely manner rather than awaiting a certified update.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app you upload or install shall be secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you will see in the logs can enable you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you can see if a site needs an update, if you need to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too if they discover a new threat that's not yet included in the commercial bundle.