ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks against web applications. It keeps track of the HTTP traffic to a given website in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a certain file that may result in gaining access to the site triggers a different rule, etcetera. ModSecurity is among the best firewalls available on the market and it will preserve even scripts which aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Quite comprehensive data about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the conventional logs generated by the Apache server, so you could later examine them and determine if you need to take more measures in order to improve the security of your script-driven sites.
ModSecurity in Website Hosting
ModSecurity can be found with every single website hosting plan that we provide and it's turned on by default for any domain or subdomain which you add through your Hepsia CP. In the event that it interferes with any of your programs or you'd like to disable it for any reason, you shall be able to do that through the ModSecurity area of Hepsia with merely a click. You could also activate a passive mode, so the firewall will detect possible attacks and maintain a log, but will not take any action. You could view extensive logs in the very same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum safety of our customers we use a collection of commercial firewall rules blended with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans which we offer feature ModSecurity and because the firewall is turned on by default, any site you set up under a domain or a subdomain will be secured right from the start. An individual section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it shall still recognize possible attacks and shall keep all information within a log as if it were fully active. The logs can be found inside the exact same section of the CP and they include info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules that we use on our servers are a mix of commercial ones from a security firm and custom ones developed by our system admins. Consequently, we provide higher security for your web applications as we can protect them from attacks before security businesses release updates for completely new threats.
ModSecurity in VPS
All virtual private servers which are set up with the Hepsia Control Panel come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there will not be anything special which you'll need to do to protect your websites. It'll take you simply a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any actions to prevent intrusions. You will be able to see the logs generated in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall used to handle it, etc. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity will prevent as many risks as possible, thus enhancing the protection of your web programs as much as possible.
ModSecurity in Dedicated Hosting
If you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web programs shall be secured right away as ModSecurity is available with all Hepsia-based packages. You will be able to regulate the firewall with ease and if necessary, you'll be able to turn it off or activate its passive mode when it will only maintain a log of what is happening without taking any action to stop possible attacks. The logs which you will find in the very same section of the Control Panel are really detailed and contain information about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This info will allow you to take measures and boost the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins add every time they recognize attacks which haven't yet been included within the commercial pack.