ModSecurity is a highly effective firewall for Apache web servers that is used to stop attacks toward web applications. It keeps track of the HTTP traffic to a certain website in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to accomplish that - as an example, attempting to log in to a script administrator area unsuccessfully several times activates one rule, sending a request to execute a particular file that may result in getting access to the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls around and it'll secure even scripts that aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Very thorough data about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the regular logs generated by the Apache server, so you may later examine them and determine if you need to take additional measures in order to increase the security of your script-driven sites.
ModSecurity in Hosting
We provide ModSecurity with all hosting plans, so your Internet applications shall be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will find within Hepsia are very detailed and offer information about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so forth. We employ a set of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity as a standard in all semi-dedicated hosting plans, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will permit you to enable or turn off the firewall for any Internet site with a click. You'll also be able to activate a passive detection mode with which ModSecurity will maintain a log of potential attacks without actually stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, etcetera. The list of rules which we employ is constantly updated as to match any new threats which might appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones which our admins include in case they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting Control Panel, so your web applications will be secured from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to deactivate it with a click of your mouse from the corresponding section of Hepsia. You can also set it to work in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the exact same section and include information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not just commercial rules from a company working in the field of web security, but also custom ones that our administrators add personally in order to respond to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it because it is switched on by default every time you include a new domain or subdomain on your web server. In case it disrupts some of your apps, you shall be able to stop it via the respective section of Hepsia, or you could leave it in passive mode, so it will detect attacks and shall still maintain a log for them, but will not block them. You can look at the logs later to find out what you can do to increase the security of your Internet sites as you will find info such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, and so on. The rules which we use are commercial, hence they're frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules from time to time in order to respond to any new threats they have discovered.