ModSecurity is an effective firewall for Apache web servers that's employed to prevent attacks towards web applications. It monitors the HTTP traffic to a particular website in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - for example, trying to log in to a script administration area unsuccessfully a few times sets off one rule, sending a request to execute a specific file that could result in accessing the Internet site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls around and it will preserve even scripts that aren't updated regularly since it can prevent attackers from using known exploits and security holes. Very thorough information about every intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the standard logs provided by the Apache server, so you may later analyze them and decide whether you need to take additional measures in order to enhance the safety of your script-driven sites.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting solutions which we supply and it'll be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your websites will include elaborate info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security firm and custom ones our system admins add in case that they detect a new sort of attacks. In this way, the Internet sites that you host here will be far more protected with no action needed on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer include ModSecurity and because the firewall is switched on by default, any Internet site which you set up under a domain or a subdomain shall be secured right from the start. An individual section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to start and stop the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all data within a log as if it were completely active. The logs can be found inside the same section of the Control Panel and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules that we use on our web servers are a mix between commercial ones from a security company and custom ones made by our system admins. Consequently, we provide higher security for your web applications as we can protect them from attacks before security firms release updates for completely new threats.
ModSecurity in VPS Servers
All VPS servers which are set up with the Hepsia CP include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there will not be anything special which you shall have to do to protect your websites. It shall take you just a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any actions to prevent intrusions. You shall be able to look at the logs created in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to take care of it, etc. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity shall stop as many threats as possible, consequently enhancing the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the web server. In case that a web app does not operate properly, you can either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which might happen, but shall not take any action to stop it. The logs generated in passive or active mode shall give you additional details about the exact file which was attacked, the type of the attack and the IP address it came from, etc. This info shall enable you to choose what measures you can take to boost the protection of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated often with a commercial pack from a third-party security provider we work with, but occasionally our staff add their own rules also if they come across a new potential threat.