ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a particular site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do that - as an illustration, trying to log in to a script administration area without success a few times triggers one rule, sending a request to execute a certain file that may result in gaining access to the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls around and it will preserve even scripts that aren't updated frequently as it can prevent attackers from using known exploits and security holes. Very comprehensive data about each intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs created by the Apache server, so you can later analyze them and determine if you need to take extra measures in order to increase the protection of your script-driven sites.

ModSecurity in Cloud Web Hosting

ModSecurity is available on all cloud web hosting web servers, so if you decide to host your websites with our company, they will be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any Internet site if needed, or to switch on a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view detailed logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our customers' websites seriously, we employ a set of commercial rules that we take from one of the leading firms that maintain this sort of rules. Our admins also add custom rules to make sure that your websites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity by default in all semi-dedicated hosting packages, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will permit you to enable or disable the firewall for any site with a click. You'll also have the ability to turn on a passive detection mode with which ModSecurity will maintain a log of potential attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack activated, where it originated from, and so on. The list of rules which we employ is constantly updated as to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our admins add if they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS Hosting

Safety is extremely important to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section within Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you will not have to do anything by hand. You shall also be able to disable it or activate the so-called detection mode, so it'll maintain a log of potential attacks which you can later study, but won't prevent them. The logs in both passive and active modes offer info regarding the kind of the attack and how it was eliminated, what IP address it originated from and other valuable info which could help you to tighten the security of your sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also implement our own rules since from time to time we detect specific attacks which are not yet present in the commercial pack. That way, we can improve the security of your Virtual private server promptly as opposed to awaiting a certified update.

ModSecurity in Dedicated Web Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the server. Just in case that a web application does not operate correctly, you may either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall keep a log of any possible attack that may take place, but won't take any action to stop it. The logs created in passive or active mode will present you with more details about the exact file that was attacked, the type of the attack and the IP address it came from, etc. This info shall enable you to decide what actions you can take to enhance the security of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated often with a commercial bundle from a third-party security company we work with, but occasionally our staff include their own rules as well in case they identify a new potential threat.