ModSecurity is an efficient firewall for Apache web servers that's used to prevent attacks toward web applications. It keeps track of the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do that - as an example, attempting to log in to a script administration area unsuccessfully several times activates one rule, sending a request to execute a certain file which could result in accessing the Internet site triggers another rule, etcetera. ModSecurity is amongst the best firewalls available and it will preserve even scripts which are not updated regularly as it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs created by the Apache server, so you could later analyze them and decide whether you need to take extra measures so as to increase the protection of your script-driven sites.

ModSecurity in Shared Website Hosting

ModSecurity comes by default with all shared website hosting plans that we offer and it'll be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and disable it with just a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your sites will contain detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are frequently updated and comprise of both commercial ones we get from a third-party security company and custom ones that our system administrators include in the event that they detect a new type of attacks. That way, the Internet sites you host here will be much more protected without any action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web app which you set up inside your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area in Hepsia where not simply can you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall will not stop anything, but it will still keep an archive of possible attacks. This normally requires simply a click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall employs two sets of rules on our machines - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually as to respond to recently discovered threats as soon as possible.

ModSecurity in VPS

All virtual private servers that are offered with the Hepsia CP include ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the machine, so there will not be anything special that you'll need to do to protect your websites. It shall take you a click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any steps to stop intrusions. You will be able to see the logs generated in passive or active mode from the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to deal with it, etc. We use a combination of commercial and custom rules in order to ensure that ModSecurity will stop as many risks as possible, therefore enhancing the protection of your web applications as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it because it's switched on by default whenever you include a new domain or subdomain on your web server. In case it interferes with any of your applications, you shall be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it'll detect attacks and will still maintain a log for them, but will not stop them. You could look at the logs later to learn what you can do to increase the security of your sites as you will find details such as where an intrusion attempt came from, what website was attacked and based on what rule ModSecurity reacted, etcetera. The rules we employ are commercial, thus they're regularly updated by a security firm, but to be on the safe side, our admins also include custom rules from time to time as to respond to any new threats they have found.