ModSecurity is an efficient firewall for Apache web servers that is used to stop attacks toward web applications. It tracks the HTTP traffic to a given site in real time and blocks any intrusion attempts the moment it discovers them. The firewall uses a set of rules to accomplish that - for instance, attempting to log in to a script administration area unsuccessfully many times triggers one rule, sending a request to execute a specific file which may result in getting access to the Internet site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it will preserve even scripts that are not updated often since it can prevent attackers from employing known exploits and security holes. Quite detailed info about each intrusion attempt is recorded and the logs the firewall maintains are a lot more comprehensive than the regular logs created by the Apache server, so you may later analyze them and determine whether you need to take more measures in order to improve the security of your script-driven Internet sites.
ModSecurity in Cloud Website Hosting
ModSecurity is provided with all cloud website hosting servers, so if you choose to host your Internet sites with our business, they shall be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will have to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs from your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our clients' sites very seriously, we employ a group of commercial rules which we take from one of the best companies that maintain this type of rules. Our admins also include custom rules to make sure that your websites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Hosting
We've included ModSecurity as a standard within all semi-dedicated hosting plans, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any Internet site with a click. You shall also have the ability to turn on a passive detection mode with which ModSecurity shall keep a log of possible attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so on. The list of rules which we use is constantly updated as to match any new threats which may appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones that our administrators add in the event that they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting Control Panel, so your web programs shall be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a mouse click via the corresponding section of Hepsia. You can also set it to work in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the exact same section and include information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we employ not only commercial rules from a company working in the field of web security, but also custom ones our administrators add personally so as to respond to new threats that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Hosting
All our dedicated servers which are set up with the Hepsia hosting CP feature ModSecurity, so any application you upload or set up shall be secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you will discover in the logs can allow you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this information, you could see if an Internet site needs an update, whether you should block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well whenever they find a new threat which is not yet in the commercial bundle.