ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks toward web applications. It keeps track of the HTTP traffic to a specific site in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to accomplish that - as an illustration, trying to log in to a script administrator area without success several times activates one rule, sending a request to execute a certain file which may result in gaining access to the site triggers a different rule, etcetera. ModSecurity is among the best firewalls available and it'll secure even scripts that aren't updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every single intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs created by the Apache server, so you could later take a look at them and determine whether you need to take more measures in order to boost the security of your script-driven Internet sites.

ModSecurity in Shared Web Hosting

ModSecurity is provided with all shared web hosting servers, so when you choose to host your sites with our firm, they'll be shielded from an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view specific logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our clients' sites seriously, we use a set of commercial rules that we get from one of the leading companies that maintain this type of rules. Our administrators also add custom rules to make certain that your websites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity by default within all semi-dedicated hosting packages, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to switch on or disable the firewall for any website with a click. You shall also be able to activate a passive detection mode in which ModSecurity will maintain a log of possible attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules we employ is constantly updated in order to match any new risks which could appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators add if they discover a threat that is not present inside the commercial list yet.

ModSecurity in Dedicated Hosting

If you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected right away as ModSecurity is provided with all Hepsia-based plans. You'll be able to control the firewall without difficulty and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what is taking place without taking any action to prevent possible attacks. The logs which you'll find inside the exact same section of the CP are really detailed and feature info about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so on. This data will allow you to take measures and increase the security of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff include every time they identify attacks that have not yet been included within the commercial pack.