ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks against web apps. It tracks the HTTP traffic to a given website in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - for example, attempting to log in to a script admin area unsuccessfully many times sets off one rule, sending a request to execute a certain file that could result in getting access to the website triggers another rule, and so forth. ModSecurity is among the best firewalls available on the market and it'll secure even scripts that are not updated frequently because it can prevent attackers from using known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the standard logs generated by the Apache server, so you could later analyze them and decide if you need to take additional measures in order to increase the security of your script-driven Internet sites.
ModSecurity in Shared Hosting
ModSecurity is provided with all shared hosting servers, so if you opt to host your websites with our firm, they shall be resistant to a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view detailed logs using your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the protection of our customers' websites very seriously, we employ a set of commercial rules that we get from one of the leading companies which maintain this sort of rules. Our admins also add custom rules to make certain that your Internet sites will be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
Any web program which you install within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain which you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not only can you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall won't block anything, but it will still maintain an archive of possible attacks. This requires simply a click and you shall be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally in order to respond to newly discovered threats immediately.
ModSecurity in Dedicated Web Hosting
If you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications will be secured immediately as ModSecurity is supplied with all Hepsia-based solutions. You will be able to regulate the firewall with ease and if necessary, you shall be able to turn it off or enable its passive mode when it'll only maintain a log of what is taking place without taking any action to prevent potential attacks. The logs which you'll find inside the exact same section of the Control Panel are quite detailed and feature information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This info will permit you to take measures and increase the security of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins add when they recognize attacks which have not yet been included within the commercial pack.