ModSecurity is a highly effective firewall for Apache web servers that is employed to stop attacks towards web applications. It monitors the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - for instance, attempting to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a specific file which may result in accessing the Internet site triggers another rule, etcetera. ModSecurity is one of the best firewalls out there and it will secure even scripts that aren't updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the conventional logs generated by the Apache server, so you may later analyze them and determine if you need to take additional measures so as to increase the security of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting packages which we offer and it will be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will include comprehensive info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and include both commercial ones we get from a third-party security business and custom ones which our system administrators add in the event that they detect a new sort of attacks. That way, the Internet sites which you host here will be a lot more secure without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

Any web application which you set up inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain you include or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area in Hepsia where not only can you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall won't stop anything, but it'll still keep a record of potential attacks. This requires only a mouse click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etcetera. The firewall employs 2 sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one which our admins update personally in order to respond to newly discovered threats as quickly as possible.

ModSecurity in Dedicated Hosting

When you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web apps will be protected straight away because ModSecurity is provided with all Hepsia-based plans. You'll be able to manage the firewall effortlessly and if necessary, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what is taking place without taking any action to prevent potential attacks. The logs that you'll find within the very same section of the CP are very detailed and feature information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etc. This data shall allow you to take measures and increase the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins add when they detect attacks that haven't yet been included in the commercial pack.