', 'auto'); ga('send', 'pageview'); ModSecurity
ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks towards web applications. It tracks the HTTP traffic to a particular site in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do that - as an illustration, attempting to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a certain file which may result in getting access to the Internet site triggers another rule, etc. ModSecurity is one of the best firewalls around and it will preserve even scripts that are not updated regularly as it can prevent attackers from using known exploits and security holes. Very thorough information about every intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the regular logs created by the Apache server, so you can later analyze them and determine if you need to take more measures so as to increase the safety of your script-driven sites.

ModSecurity in Shared Web Hosting

ModSecurity is provided with all shared web hosting servers, so if you opt to host your sites with our firm, they will be resistant to a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will have to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so all activity will be recorded, but the firewall won't take any real action. You shall be able to view comprehensive logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the security of our clients' Internet sites seriously, we employ a collection of commercial rules which we get from one of the best companies that maintain this sort of rules. Our administrators also include custom rules to make certain that your websites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard in all semi-dedicated server products, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any website with a mouse click. You will also be able to turn on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it came from, and so forth. The list of rules which we use is frequently updated as to match any new threats that could appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones that our administrators add if they find a threat that is not present in the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia CP come with ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the machine, so there shall not be anything special that you'll need to do to protect your websites. It'll take you simply a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what occurs without taking any measures to stop intrusions. You'll be able to view the logs produced in active or passive mode through the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to deal with it, etcetera. We employ a combination of commercial and custom rules in order to make sure that ModSecurity shall block out as many risks as possible, consequently enhancing the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is turned on by default every time you add a new domain or subdomain on your server. If it disrupts some of your apps, you'll be able to stop it through the respective part of Hepsia, or you can leave it operating in passive mode, so it shall detect attacks and will still keep a log for them, but shall not block them. You could look at the logs later to determine what you can do to improve the protection of your websites as you'll find info such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules we use are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our administrators also include custom rules occasionally in order to respond to any new threats they have identified.