ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks against web apps. It keeps track of the HTTP traffic to a given website in real time and blocks any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do that - for instance, trying to log in to a script admin area without success several times sets off one rule, sending a request to execute a certain file which could result in getting access to the Internet site triggers a different rule, etc. ModSecurity is amongst the best firewalls available on the market and it will protect even scripts which aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs generated by the Apache server, so you could later analyze them and determine whether you need to take extra measures in order to enhance the security of your script-driven Internet sites.
ModSecurity in Shared Hosting
ModSecurity is available with each and every shared hosting solution which we provide and it's activated by default for any domain or subdomain that you include through your Hepsia CP. If it interferes with any of your programs or you'd like to disable it for whatever reason, you shall be able to do that through the ModSecurity section of Hepsia with only a mouse click. You can also use a passive mode, so the firewall will recognize potential attacks and keep a log, but shall not take any action. You could see detailed logs in the very same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum security of our customers we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your sites with our company, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains which you include via your hosting Control Panel. If necessary, you could disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to stop potential attacks on your sites. Thorough logs will be available in your CP and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so on. We use two types of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones which our admins occasionally include to respond to newly discovered threats promptly.
ModSecurity in VPS Servers
All VPS servers which are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the machine, so there shall not be anything special which you will have to do to protect your websites. It will take you a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any measures to stop intrusions. You shall be able to look at the logs produced in passive or active mode through the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We employ a mix of commercial and custom rules in order to ensure that ModSecurity shall block out as many threats as possible, therefore enhancing the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any program which you upload or set up will be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will discover in the logs shall enable you to to secure your Internet sites better - the IP an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you could see whether a website needs an update, if you need to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well when they find a new threat which is not yet in the commercial bundle.