ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks towards web apps. It tracks the HTTP traffic to a particular website in real time and stops any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - as an illustration, trying to log in to a script admin area without success several times sets off one rule, sending a request to execute a specific file that could result in accessing the site triggers another rule, and so on. ModSecurity is among the best firewalls available and it'll secure even scripts which are not updated often as it can prevent attackers from using known exploits and security holes. Very thorough data about each intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the regular logs generated by the Apache server, so you can later take a look at them and decide if you need to take extra measures so as to boost the protection of your script-driven sites.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting plans, so your web applications shall be resistant to malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you'll be able to stop it through the respective section of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll find inside Hepsia are quite detailed and offer information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so on. We employ a range of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer feature ModSecurity and because the firewall is enabled by default, any website that you set up under a domain or a subdomain will be protected right from the start. A separate section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any site or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still recognize possible attacks and will keep all info in a log as if it were completely active. The logs can be found in the same section of the Control Panel and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules which we use on our web servers are a mix of commercial ones from a security company and custom ones created by our system admins. Therefore, we provide increased security for your web apps as we can protect them from attacks before security companies release updates for new threats.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web apps shall be protected from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you could disable it with a click of your mouse via the corresponding section of Hepsia. You can also set it to operate in detection mode, so it will maintain an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the same section and include info about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a company working in the field of web security, but also custom ones that our admins add manually in order to respond to new threats which are still not addressed in the commercial rules.