ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks against web apps. It keeps track of the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - for instance, attempting to log in to a script admin area without success several times activates one rule, sending a request to execute a certain file that could result in accessing the site triggers another rule, and so on. ModSecurity is amongst the best firewalls around and it'll protect even scripts which aren't updated regularly as it can prevent attackers from using known exploits and security holes. Very detailed data about each intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs provided by the Apache server, so you could later examine them and determine whether you need to take extra measures in order to increase the safety of your script-driven sites.
ModSecurity in Shared Web Hosting
ModSecurity is supplied with all shared web hosting machines, so when you choose to host your Internet sites with our organization, they shall be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if required, or to switch on a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs through your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our customers' websites seriously, we use a selection of commercial rules that we get from one of the best companies that maintain this kind of rules. Our administrators also add custom rules to make sure that your websites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer include ModSecurity and given that the firewall is switched on by default, any site that you build under a domain or a subdomain will be protected straight away. A separate section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any site or activate a detection mode. With the latter, ModSecurity won't take any action, but it'll still identify possible attacks and shall keep all info inside a log as if it were fully active. The logs can be found within the very same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules which we employ on our machines are a mix between commercial ones from a security company and custom ones created by our system admins. Therefore, we offer increased security for your web applications as we can defend them from attacks before security companies release updates for completely new threats.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web apps will be secured from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a click from the corresponding section of Hepsia. You may also set it to work in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available within the exact same section and include details about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not only commercial rules from a business operating in the field of web security, but also custom ones our admins add manually so as to respond to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
When you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web applications will be protected straight away as ModSecurity is provided with all Hepsia-based packages. You'll be able to control the firewall easily and if required, you'll be able to turn it off or switch on its passive mode when it will only maintain a log of what's going on without taking any action to prevent potential attacks. The logs which you'll find inside the exact same section of the Control Panel are very detailed and include info about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etc. This info shall permit you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff include when they detect attacks which haven't yet been included within the commercial pack.