ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks against web applications. It tracks the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area unsuccessfully a few times triggers one rule, sending a request to execute a specific file that may result in accessing the site triggers a different rule, etcetera. ModSecurity is one of the best firewalls on the market and it'll preserve even scripts which aren't updated often as it can prevent attackers from using known exploits and security holes. Quite detailed info about every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the standard logs created by the Apache server, so you could later take a look at them and determine whether you need to take more measures so as to boost the protection of your script-driven Internet sites.
ModSecurity in Shared Hosting
ModSecurity is offered with every single shared hosting package that we provide and it's switched on by default for any domain or subdomain which you include through your Hepsia Control Panel. In case it disrupts any of your applications or you'd like to disable it for whatever reason, you'll be able to achieve that through the ModSecurity section of Hepsia with simply a click. You could also enable a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You could see comprehensive logs in the exact same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a group of commercial firewall rules mixed with custom ones that are added by our system administrators.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity as a standard inside all semi-dedicated hosting packages, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will permit you to enable or disable the firewall for any Internet site with a mouse click. You'll also have the ability to activate a passive detection mode in which ModSecurity will maintain a log of potential attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so forth. The list of rules we employ is constantly updated in order to match any new threats that may appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our admins include if they find a threat that is not present in the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting CP, so your web programs will be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you could disable it with a mouse click through the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available inside the same section and offer information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we employ not just commercial rules from a company operating in the field of web security, but also custom ones our admins add personally so as to respond to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it as it's activated by default each time you include a new domain or subdomain on your web server. In case it disrupts any of your applications, you shall be able to stop it via the respective part of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and will still maintain a log for them, but won't stop them. You may analyze the logs later to find out what you can do to increase the security of your sites since you will find information such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity responded, and so forth. The rules which we employ are commercial, therefore they are constantly updated by a security provider, but to be on the safe side, our staff also include custom rules every now and then as to respond to any new threats they have identified.