ModSecurity is an efficient firewall for Apache web servers which is used to stop attacks toward web apps. It keeps track of the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script admin area without success several times activates one rule, sending a request to execute a certain file which could result in accessing the Internet site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls available on the market and it'll secure even scripts that are not updated often since it can prevent attackers from using known exploits and security holes. Quite thorough info about every intrusion attempt is recorded and the logs the firewall keeps are far more specific than the regular logs created by the Apache server, so you could later analyze them and decide if you need to take more measures in order to boost the safety of your script-driven websites.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting plans, so your Internet apps will be protected against harmful attacks. The firewall is activated as standard for all domains and subdomains, but if you would like, you'll be able to stop it using the respective section of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll find in Hepsia are incredibly detailed and feature info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etc. We use a group of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web app which you set up within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain which you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it fully, but you could also enable a passive mode, so the firewall shall not block anything, but it will still keep a record of possible attacks. This requires just a click and you shall be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses 2 groups of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally as to respond to newly discovered threats immediately.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting CP, so your web applications shall be protected from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you can disable it with a click through the corresponding section of Hepsia. You can also set it to work in detection mode, so it'll keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the very same section and include information about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we employ not only commercial rules from a company operating in the field of web security, but also custom ones which our admins include manually in order to respond to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

If you decide to host your sites on a dedicated server with the Hepsia CP, your web apps shall be protected straight away as ModSecurity is provided with all Hepsia-based plans. You shall be able to regulate the firewall with ease and if needed, you will be able to turn it off or activate its passive mode when it'll only keep a log of what is going on without taking any action to prevent potential attacks. The logs that you'll find inside the same section of the CP are extremely detailed and include details about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etc. This information shall enable you to take measures and boost the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins add when they recognize attacks that have not yet been included in the commercial pack.