ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks towards web apps. It monitors the HTTP traffic to a specific website in real time and prevents any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for instance, attempting to log in to a script administrator area unsuccessfully a few times activates one rule, sending a request to execute a particular file that may result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it will secure even scripts that are not updated frequently since it can prevent attackers from using known exploits and security holes. Very thorough info about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs provided by the Apache server, so you could later examine them and determine if you need to take additional measures in order to increase the security of your script-driven Internet sites.
ModSecurity in Web Hosting
ModSecurity is provided with all web hosting web servers, so when you opt to host your sites with our organization, they will be protected against a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You'll be able to stop ModSecurity for any website if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You shall be able to view specific logs using your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the protection of our clients' websites seriously, we use a set of commercial rules which we get from one of the best firms that maintain such rules. Our admins also add custom rules to ensure that your sites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you opt to host your sites with us, there won't be anything special you will have to do since the firewall is switched on by default for all domains and subdomains that you add via your hosting CP. If necessary, you'll be able to disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall shall still work and record data, but shall not do anything to stop possible attacks against your Internet sites. Detailed logs shall be available in your Control Panel and you'll be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, and so on. We use 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones that our admins occasionally include to respond to newly discovered threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web apps shall be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you can disable it with a click from the corresponding section of Hepsia. You may also set it to function in detection mode, so it will keep an extensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the very same section and offer information about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not simply commercial rules from a firm working in the field of web security, but also custom ones our admins add personally so as to respond to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any program you upload or install will be properly secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you'll discover in the logs can easily allow you to to secure your websites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this data, you can see whether an Internet site needs an update, whether you should block IPs from accessing your hosting server, and so forth. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too every time they discover a new threat that is not yet in the commercial bundle.