ModSecurity is an effective firewall for Apache web servers that is used to stop attacks toward web apps. It keeps track of the HTTP traffic to a certain website in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success several times activates one rule, sending a request to execute a certain file that may result in getting access to the website triggers another rule, and so forth. ModSecurity is one of the best firewalls around and it'll preserve even scripts which are not updated frequently as it can prevent attackers from employing known exploits and security holes. Very thorough information about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs generated by the Apache server, so you can later examine them and decide if you need to take more measures in order to enhance the security of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity is offered with each and every shared hosting plan that we offer and it is turned on by default for any domain or subdomain which you include via your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with just a mouse click. You can also activate a passive mode, so the firewall will recognize potential attacks and maintain a log, but shall not take any action. You could view detailed logs in the very same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum safety of our customers we use a group of commercial firewall rules mixed with custom ones which are added by our system admins.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity by default within all semi-dedicated server products, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall permit you to enable or disable the firewall for any website with a click. You shall also be able to turn on a passive detection mode in which ModSecurity will keep a log of possible attacks without really preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so forth. The list of rules we employ is frequently updated in order to match any new threats which may appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our administrators include in the event that they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting Control Panel, so your web applications will be secured from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to disable it with a click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it will maintain a detailed log of any possible attacks without taking any action to prevent them. The logs can be found inside the exact same section and include information about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For best security, we employ not only commercial rules from a company operating in the field of web security, but also custom ones which our administrators include personally so as to respond to new risks which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected right from the start as ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall without difficulty and if necessary, you'll be able to turn it off or enable its passive mode when it'll only keep a log of what's taking place without taking any action to stop possible attacks. The logs which you'll find within the exact same section of the CP are quite detailed and contain data about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etc. This info shall enable you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our admins add when they recognize attacks which have not yet been included within the commercial pack.