ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks against web applications. It keeps track of the HTTP traffic to a given website in real time and blocks any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script administrator area unsuccessfully many times sets off one rule, sending a request to execute a specific file that may result in accessing the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls available on the market and it'll secure even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Very thorough info about each and every intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the regular logs generated by the Apache server, so you could later take a look at them and determine whether you need to take extra measures in order to improve the protection of your script-driven websites.

ModSecurity in Shared Website Hosting

ModSecurity is available on all shared website hosting servers, so when you opt to host your sites with our firm, they will be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you'll have to do on your end. You will be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You shall be able to view detailed logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our customers' Internet sites very seriously, we use a group of commercial rules that we take from one of the leading firms that maintain this sort of rules. Our administrators also add custom rules to make sure that your sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity by default inside all semi-dedicated server plans, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to switch on or disable the firewall for any Internet site with a click. You shall also be able to switch on a passive detection mode with which ModSecurity shall keep a log of possible attacks without really preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so forth. The list of rules which we use is frequently updated as to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators include if they discover a threat which is not present within the commercial list yet.

ModSecurity in Dedicated Servers

If you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web applications will be secured right away since ModSecurity is provided with all Hepsia-based plans. You will be able to control the firewall without difficulty and if required, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what is taking place without taking any action to stop possible attacks. The logs which you'll find inside the very same section of the CP are very detailed and include info about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This info will allow you to take measures and improve the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff include whenever they detect attacks which have not yet been included within the commercial pack.