ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks toward web apps. It monitors the HTTP traffic to a given Internet site in real time and prevents any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script administrator area without success a few times triggers one rule, sending a request to execute a particular file that could result in getting access to the website triggers another rule, and so forth. ModSecurity is one of the best firewalls available on the market and it'll protect even scripts which are not updated regularly because it can prevent attackers from using known exploits and security holes. Quite detailed data about each intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the conventional logs created by the Apache server, so you may later analyze them and determine whether you need to take more measures so as to increase the safety of your script-driven sites.
ModSecurity in Web Hosting
ModSecurity comes standard with all web hosting solutions that we supply and it will be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to activate and deactivate it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall feature in-depth info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security firm and custom ones which our system administrators include in case that they detect a new kind of attacks. This way, the websites you host here will be much more secure without any action needed on your end.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity as a standard inside all semi-dedicated server packages, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any Internet site with a click. You will also be able to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack generated, where it originated from, and so on. The list of rules we use is regularly updated in order to match any new threats that might appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our admins include in case they find a threat that's not present in the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the machine, so there shall not be anything special which you shall have to do to protect your Internet sites. It shall take you only a click to stop ModSecurity if required or to activate its passive mode so that it records what goes on without taking any steps to prevent intrusions. You will be able to look at the logs produced in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to handle it, etcetera. We use a combination of commercial and custom rules so as to ensure that ModSecurity will prevent as many threats as possible, thus boosting the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers
When you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web applications will be protected right from the start since ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall with ease and if necessary, you shall be able to turn it off or enable its passive mode when it'll only keep a log of what is occurring without taking any action to prevent possible attacks. The logs that you'll find in the exact same section of the CP are very detailed and include details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, etcetera. This data shall enable you to take measures and improve the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators add when they recognize attacks that have not yet been included in the commercial pack.