ModSecurity is an efficient firewall for Apache web servers that is used to stop attacks towards web applications. It tracks the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - as an illustration, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a particular file that may result in gaining access to the Internet site triggers another rule, etc. ModSecurity is amongst the best firewalls on the market and it'll preserve even scripts which aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Quite thorough information about every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the conventional logs generated by the Apache server, so you can later examine them and determine if you need to take extra measures in order to improve the safety of your script-driven websites.

ModSecurity in Web Hosting

ModSecurity is available on all web hosting machines, so when you opt to host your sites with our company, they'll be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You will be able to stop ModSecurity for any site if needed, or to switch on a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the safety of our clients' websites very seriously, we use a selection of commercial rules which we take from one of the best companies which maintain this kind of rules. Our admins also add custom rules to make certain that your websites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard within all semi-dedicated server packages, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall permit you to activate or disable the firewall for any website with a click. You will also have the ability to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules we use is frequently updated in order to match any new risks which could appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones which our admins include if they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

Protection is very important to us, so we install ModSecurity on all VPS servers which are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything manually. You'll also be able to deactivate it or switch on the so-called detection mode, so it will maintain a log of potential attacks which you can later examine, but shall not prevent them. The logs in both passive and active modes offer information about the kind of the attack and how it was eliminated, what IP address it originated from and other important information which could help you to tighten the security of your sites by updating them or blocking IPs, for example. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules as every now and then we detect specific attacks that aren't yet present inside the commercial pack. That way, we can boost the protection of your VPS in a timely manner instead of waiting for a certified update.

ModSecurity in Dedicated Servers

All of our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any application which you upload or install shall be protected from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you will see in the logs can easily help you to secure your websites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this info, you'll be able to see if an Internet site needs an update, if you ought to block IPs from accessing your server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our admins include custom ones too when they find a new threat that's not yet a part of the commercial bundle.