ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks toward web apps. It monitors the HTTP traffic to a given site in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a specific file that may result in accessing the website triggers another rule, and so on. ModSecurity is among the best firewalls available and it'll protect even scripts that aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Quite detailed data about every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the standard logs provided by the Apache server, so you may later examine them and decide whether you need to take additional measures so as to enhance the protection of your script-driven websites.
ModSecurity in Website Hosting
ModSecurity can be found with each website hosting package which we offer and it is activated by default for every domain or subdomain that you include via your Hepsia CP. If it interferes with any of your apps or you'd like to disable it for any reason, you will be able to achieve that through the ModSecurity area of Hepsia with merely a click. You could also enable a passive mode, so the firewall will discover potential attacks and maintain a log, but will not take any action. You could view comprehensive logs in the very same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum safety of our clients we use a collection of commercial firewall rules combined with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you opt to host your websites with us, there shall not be anything special you will have to do since the firewall is switched on by default for all domains and subdomains you add using your hosting Control Panel. If needed, you could disable ModSecurity for a particular Internet site or switch on the so-called detection mode in which case the firewall will still work and record info, but shall not do anything to stop potential attacks on your sites. Thorough logs shall be accessible within your CP and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etcetera. We use two types of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones that our administrators occasionally add to respond to newly identified risks on time.
ModSecurity in VPS Web Hosting
ModSecurity is provided with all Hepsia-based virtual private servers we offer and it'll be switched on automatically for any new domain or subdomain that you include on the machine. This way, any web application that you install shall be secured immediately without doing anything by hand on your end. The firewall could be managed via the section of the Control Panel which bears the same name. This is the location in whichyou can switch off ModSecurity or let its passive mode, so it shall not take any action towards threats, but will still maintain a thorough log. The recorded data is available within the same area as well and you will be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a mixture between commercial ones that we get from a security firm and custom ones which are included by our admins to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers Hosting
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the server. In case that a web application doesn't work correctly, you could either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may happen, but will not take any action to stop it. The logs produced in passive or active mode shall offer you additional details about the exact file that was attacked, the type of the attack and the IP address it originated from, and so on. This information shall allow you to determine what actions you can take to enhance the safety of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial pack from a third-party security provider we work with, but sometimes our administrators include their own rules too in the event that they come across a new potential threat.