ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks towards web apps. It monitors the HTTP traffic to a certain site in real time and stops any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - for instance, attempting to log in to a script administration area unsuccessfully a few times activates one rule, sending a request to execute a certain file which could result in getting access to the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls on the market and it will protect even scripts which are not updated often since it can prevent attackers from employing known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall keeps are far more specific than the standard logs provided by the Apache server, so you could later take a look at them and determine if you need to take more measures so as to increase the protection of your script-driven Internet sites.
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all cloud website hosting plans, so your Internet applications shall be resistant to malicious attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you will be able to stop it using the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you shall find within Hepsia are extremely detailed and offer info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etcetera. We employ a group of commercial rules which are often updated, but sometimes our administrators include custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages that we offer include ModSecurity and because the firewall is switched on by default, any Internet site that you set up under a domain or a subdomain shall be protected right from the start. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to stop and start the firewall for any Internet site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it'll still detect possible attacks and shall keep all info inside a log as if it were fully active. The logs can be found inside the very same section of the CP and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we use on our web servers are a mix between commercial ones from a security firm and custom ones developed by our system administrators. For that reason, we offer higher security for your web applications as we can protect them from attacks before security corporations release updates for brand new threats.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web programs shall be protected from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can disable it with a mouse click through the corresponding section of Hepsia. You can also set it to work in detection mode, so it will maintain a detailed log of any potential attacks without taking any action to prevent them. The logs are available within the very same section and include information about the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not only commercial rules from a company working in the field of web security, but also custom ones our administrators add personally so as to respond to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Hosting
If you decide to host your websites on a dedicated server with the Hepsia CP, your web apps will be secured immediately because ModSecurity is available with all Hepsia-based packages. You shall be able to manage the firewall without difficulty and if required, you'll be able to turn it off or switch on its passive mode when it will only keep a log of what's going on without taking any action to prevent possible attacks. The logs which you can find in the exact same section of the CP are very detailed and feature details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etc. This info will allow you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators include when they detect attacks that have not yet been included within the commercial pack.