ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks against web applications. It keeps track of the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to accomplish that - for example, trying to log in to a script administration area without success several times sets off one rule, sending a request to execute a certain file which may result in accessing the site triggers another rule, etc. ModSecurity is among the best firewalls available on the market and it will preserve even scripts that aren't updated frequently as it can prevent attackers from employing known exploits and security holes. Very detailed information about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the standard logs generated by the Apache server, so you could later take a look at them and decide whether you need to take extra measures so as to increase the security of your script-driven sites.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting solutions, so your Internet apps shall be resistant to harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find inside Hepsia are extremely detailed and include info about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, etcetera. We use a group of commercial rules which are often updated, but sometimes our administrators add custom rules as well in order to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard in all semi-dedicated server plans, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any site with a mouse click. You will also be able to activate a passive detection mode in which ModSecurity shall maintain a log of potential attacks without actually stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack generated, where it came from, etcetera. The list of rules which we employ is regularly updated as to match any new threats which could appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our admins include in case they find a threat that is not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers that we offer and it will be activated automatically for any new domain or subdomain that you add on the server. That way, any web application which you install will be secured right away without doing anything manually on your end. The firewall could be handled via the section of the CP that bears the same name. This is the place in whichyou'll be able to switch off ModSecurity or activate its passive mode, so it shall not take any action against threats, but will still maintain a comprehensive log. The recorded information is available in the same section as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a combination between commercial ones we get from a security organization and custom ones which are included by our admins to enhance the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any application you upload or set up will be protected from the very beginning and you won't need to bother about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs shall enable you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you can see whether an Internet site needs an update, if you ought to block IPs from accessing your web server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too every time they come across a new threat that's not yet in the commercial bundle.