ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks against web apps. It tracks the HTTP traffic to a specific site in real time and stops any intrusion attempts the moment it detects them. The firewall uses a set of rules to accomplish that - for instance, trying to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a specific file that may result in getting access to the website triggers a different rule, and so on. ModSecurity is one of the best firewalls around and it will protect even scripts that aren't updated often as it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the conventional logs provided by the Apache server, so you could later take a look at them and decide whether you need to take additional measures so as to boost the security of your script-driven websites.

ModSecurity in Shared Website Hosting

ModSecurity comes by default with all shared website hosting solutions that we offer and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and disable it with just a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for any of your websites will include elaborate information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and include both commercial ones that we get from a third-party security company and custom ones that our system admins add in case that they detect a new sort of attacks. In this way, the websites which you host here will be way more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer come with ModSecurity and since the firewall is enabled by default, any website you build under a domain or a subdomain shall be protected right away. An individual section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all data within a log as if it were fully active. The logs could be found inside the exact same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we employ on our machines are a mix between commercial ones from a security business and custom ones developed by our system administrators. Consequently, we offer greater security for your web apps as we can shield them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting Control Panel, so your web programs shall be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you can disable it with a click via the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the very same section and include information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we employ not just commercial rules from a firm operating in the field of web security, but also custom ones which our admins add manually so as to react to new threats that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

When you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected right away because ModSecurity is supplied with all Hepsia-based solutions. You'll be able to regulate the firewall effortlessly and if needed, you'll be able to turn it off or switch on its passive mode when it shall only maintain a log of what's occurring without taking any action to stop potential attacks. The logs that you can find within the same section of the CP are very detailed and feature data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This data will enable you to take measures and boost the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators include whenever they detect attacks that have not yet been included in the commercial pack.