ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks towards web apps. It keeps track of the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do this - as an example, trying to log in to a script administration area unsuccessfully many times triggers one rule, sending a request to execute a specific file that may result in getting access to the website triggers another rule, etc. ModSecurity is amongst the best firewalls on the market and it'll protect even scripts that aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the regular logs created by the Apache server, so you can later analyze them and decide whether you need to take more measures in order to boost the security of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity is supplied with all shared hosting machines, so when you opt to host your Internet sites with our organization, they will be shielded from an array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs using your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our clients' sites seriously, we use a selection of commercial rules which we take from one of the best companies that maintain this type of rules. Our admins also add custom rules to make certain that your sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity by default in all semi-dedicated server packages, so your web apps shall be protected whenever you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any Internet site with a mouse click. You'll also be able to switch on a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack triggered, where it came from, etc. The list of rules we use is constantly updated as to match any new threats that may appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our admins add in case they find a threat that is not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting Control Panel, so your web programs shall be protected from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a click through the corresponding section of Hepsia. You may also set it to operate in detection mode, so it will keep an extensive log of any possible attacks without taking any action to prevent them. The logs can be found in the exact same section and offer information about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we employ not simply commercial rules from a firm working in the field of web security, but also custom ones that our administrators add manually in order to react to new threats that are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
When you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web applications shall be protected straight away since ModSecurity is provided with all Hepsia-based plans. You'll be able to regulate the firewall with ease and if needed, you will be able to turn it off or activate its passive mode when it'll only keep a log of what's happening without taking any action to stop possible attacks. The logs which you can find within the very same section of the Control Panel are quite detailed and contain details about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This info shall permit you to take measures and improve the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include every time they recognize attacks which have not yet been included inside the commercial pack.