ModSecurity is an effective firewall for Apache web servers that is used to prevent attacks towards web applications. It monitors the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - for instance, trying to log in to a script administration area without success several times sets off one rule, sending a request to execute a particular file that may result in getting access to the site triggers another rule, and so on. ModSecurity is one of the best firewalls around and it will secure even scripts which are not updated regularly because it can prevent attackers from employing known exploits and security holes. Incredibly detailed data about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the conventional logs created by the Apache server, so you can later examine them and determine if you need to take additional measures so as to boost the protection of your script-driven sites.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting plans, so your Internet applications will be protected against malicious attacks. The firewall is activated by default for all domains and subdomains, but in case you would like, you'll be able to stop it through the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will discover in Hepsia are incredibly detailed and include info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We use a group of commercial rules that are often updated, but sometimes our administrators add custom rules as well in order to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages which we offer feature ModSecurity and since the firewall is enabled by default, any Internet site which you set up under a domain or a subdomain shall be protected right away. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all information in a log as if it were 100% active. The logs can be found in the same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we use on our machines are a mix between commercial ones from a security business and custom ones made by our system administrators. As a result, we offer greater security for your web apps as we can shield them from attacks even before security corporations release updates for brand new threats.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it will be turned on automatically for every new domain or subdomain which you add on the web server. This way, any web app you install shall be protected right away without doing anything personally on your end. The firewall may be handled from the section of the Control Panel that bears the same name. This is the location whereyou could disable ModSecurity or let its passive mode, so it will not take any action toward threats, but will still maintain a thorough log. The recorded info is available inside the same section as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we employ on our servers are a mix between commercial ones that we get from a security organization and custom ones that are added by our staff to improve the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it as it's switched on by default every time you include a new domain or subdomain on your hosting server. In the event that it disrupts some of your apps, you shall be able to stop it via the respective area of Hepsia, or you can leave it in passive mode, so it shall recognize attacks and shall still keep a log for them, but won't block them. You'll be able to examine the logs later to learn what you can do to boost the safety of your sites as you'll find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, and so on. The rules that we employ are commercial, therefore they're frequently updated by a security company, but to be on the safe side, our administrators also add custom rules occasionally as to react to any new threats they have discovered.