ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks toward web applications. It tracks the HTTP traffic to a specific site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administrator area without success several times activates one rule, sending a request to execute a certain file which could result in accessing the Internet site triggers a different rule, and so forth. ModSecurity is among the best firewalls available and it'll protect even scripts which are not updated often since it can prevent attackers from using known exploits and security holes. Quite comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs created by the Apache server, so you may later analyze them and determine if you need to take more measures so as to enhance the safety of your script-driven Internet sites.
ModSecurity in Shared Website Hosting
We provide ModSecurity with all shared website hosting
plans, so your web applications will be shielded from malicious attacks. The firewall is activated by default for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall discover within Hepsia are extremely detailed and offer info about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We use a set of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
plans that we offer come with ModSecurity and since the firewall is enabled by default, any website you create under a domain or a subdomain shall be protected right away. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it shall still detect possible attacks and will keep all information in a log as if it were completely active. The logs could be found in the same section of the CP and they include info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we use on our servers are a mix of commercial ones from a security business and custom ones created by our system administrators. For that reason, we provide greater security for your web programs as we can defend them from attacks before security companies release updates for brand new threats.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
which we offer and it shall be turned on automatically for every new domain or subdomain you include on the server. In this way, any web app that you install shall be protected immediately without doing anything by hand on your end. The firewall can be handled from the section of the Control Panel that has the same name. This is the area in whichyou could switch off ModSecurity or activate its passive mode, so it shall not take any action towards threats, but shall still maintain a detailed log. The recorded information is available within the same section as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a mixture between commercial ones that we obtain from a security company and custom ones that are added by our staff to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers
which are set up with the Hepsia hosting CP include ModSecurity, so any application which you upload or set up will be protected from the very beginning and you won't need to worry about common attacks or vulnerabilities. A separate section inside Hepsia will allow you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you'll find in the logs can allow you to to secure your Internet sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see if a site needs an update, whether you ought to block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones too every time they discover a new threat that is not yet in the commercial bundle.