ModSecurity is a powerful firewall for Apache web servers that is used to prevent attacks toward web applications. It tracks the HTTP traffic to a given site in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do that - as an example, trying to log in to a script admin area without success many times sets off one rule, sending a request to execute a particular file that may result in getting access to the site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls out there and it'll protect even scripts that aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Very thorough data about every intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs provided by the Apache server, so you could later take a look at them and decide if you need to take extra measures in order to boost the protection of your script-driven websites.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting packages, so your Internet applications shall be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover inside Hepsia are extremely detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etc. We employ a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity as a standard in all semi-dedicated server products, so your web applications will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any site with a click. You will also have the ability to activate a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually stopping them. The detailed logs include the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules which we use is regularly updated as to match any new risks that may appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our admins add in the event that they find a threat which is not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web programs shall be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it'll keep an extensive log of any possible attacks without taking any action to stop them. The logs can be found in the very same section and provide information regarding the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For optimum security, we employ not only commercial rules from a business operating in the field of web security, but also custom ones which our administrators include manually so as to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it since it's activated by default whenever you add a new domain or subdomain on your server. In the event that it interferes with some of your apps, you'll be able to stop it via the respective part of Hepsia, or you can leave it in passive mode, so it'll detect attacks and shall still maintain a log for them, but won't stop them. You can look at the logs later to determine what you can do to improve the safety of your sites since you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, and so forth. The rules that we employ are commercial, thus they're regularly updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then as to respond to any new threats they have identified.