ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks against web applications. It monitors the HTTP traffic to a given Internet site in real time and blocks any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script admin area without success several times activates one rule, sending a request to execute a certain file which may result in accessing the website triggers a different rule, etc. ModSecurity is among the best firewalls available and it will secure even scripts which are not updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive information about every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs provided by the Apache server, so you may later take a look at them and determine whether you need to take more measures so as to enhance the protection of your script-driven sites.
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all shared web hosting
packages that we offer and it will be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could activate and disable it with simply a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites shall include comprehensive info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are constantly updated and consist of both commercial ones which we get from a third-party security firm and custom ones our system administrators include in case that they detect a new sort of attacks. That way, the sites that you host here shall be far more secure with no action needed on your end.
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity by default within all semi-dedicated server
plans, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will allow you to enable or disable the firewall for any Internet site with a click. You shall also be able to activate a passive detection mode in which ModSecurity will maintain a log of potential attacks without really preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack caused, where it came from, etcetera. The list of rules which we use is constantly updated as to match any new threats that might appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our admins add in case they find a threat that is not present within the commercial list yet.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
that we offer and it'll be activated automatically for any new domain or subdomain you include on the server. That way, any web app which you install will be secured from the very beginning without doing anything by hand on your end. The firewall may be managed from the section of the Control Panel that has the same name. This is the area whereyou can turn off ModSecurity or activate its passive mode, so it will not take any action towards threats, but will still maintain a comprehensive log. The recorded data is available inside the same area as well and you shall be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we use on our servers are a combination between commercial ones we get from a security company and custom ones which are added by our staff to improve the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers
that are integrated with our Hepsia CP and you'll not need to do anything specific on your end to use it because it's activated by default every time you add a new domain or subdomain on your server. If it disrupts some of your programs, you shall be able to stop it via the respective area of Hepsia, or you could leave it in passive mode, so it shall identify attacks and shall still maintain a log for them, but will not block them. You could look at the logs later to determine what you can do to boost the safety of your websites since you will find information such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules we employ are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our staff also include custom rules once in a while as to respond to any new threats they have identified.