ModSecurity is a highly effective firewall for Apache web servers that is used to prevent attacks towards web applications. It tracks the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, trying to log in to a script administrator area unsuccessfully several times triggers one rule, sending a request to execute a specific file which could result in getting access to the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls around and it will secure even scripts which are not updated regularly since it can prevent attackers from employing known exploits and security holes. Incredibly thorough info about each intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the standard logs generated by the Apache server, so you may later examine them and determine if you need to take additional measures so as to increase the protection of your script-driven websites.
ModSecurity in Website Hosting
We offer ModSecurity with all website hosting
solutions, so your web apps shall be protected against malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will find within Hepsia are extremely detailed and feature info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We use a group of commercial rules which are frequently updated, but sometimes our administrators include custom rules as well so as to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity by default in all semi-dedicated hosting
plans, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any site with a mouse click. You shall also be able to activate a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack activated, where it came from, etcetera. The list of rules which we use is frequently updated as to match any new threats that might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our admins include if they find a threat that is not present within the commercial list yet.
ModSecurity in VPS Hosting
All virtual private servers
that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the web server, so there will not be anything special which you will have to do to protect your sites. It will take you only a click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any measures to stop intrusions. You will be able to look at the logs created in active or passive mode via the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to handle it, and so forth. We employ a mix of commercial and custom rules in order to make sure that ModSecurity shall stop as many risks as possible, hence enhancing the security of your web apps as much as possible.
ModSecurity in Dedicated Web Hosting
If you choose to host your sites on a dedicated server
with the Hepsia CP, your web programs will be secured right away because ModSecurity is supplied with all Hepsia-based solutions. You'll be able to control the firewall easily and if required, you shall be able to turn it off or switch on its passive mode when it will only keep a log of what's going on without taking any action to prevent possible attacks. The logs that you'll find in the same section of the CP are incredibly detailed and contain info about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This information shall enable you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff add every time they detect attacks which have not yet been included inside the commercial pack.