ModSecurity is an efficient firewall for Apache web servers that is used to prevent attacks against web apps. It monitors the HTTP traffic to a certain site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do that - for instance, attempting to log in to a script admin area unsuccessfully several times triggers one rule, sending a request to execute a specific file that could result in accessing the Internet site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls on the market and it will secure even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Very comprehensive information about every single intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the conventional logs created by the Apache server, so you may later analyze them and determine whether you need to take extra measures so as to improve the security of your script-driven Internet sites.
ModSecurity in Website Hosting
We offer ModSecurity with all website hosting
solutions, so your web apps shall be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you shall be able to stop it via the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will discover within Hepsia are quite detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, and so forth. We use a group of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well in order to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
plans that we offer come with ModSecurity and given that the firewall is switched on by default, any Internet site that you create under a domain or a subdomain will be protected right from the start. An independent section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still identify possible attacks and will keep all data within a log as if it were completely active. The logs could be found inside the exact same section of the Control Panel and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our web servers are a mix of commercial ones from a security business and custom ones created by our system admins. For that reason, we provide higher security for your web programs as we can shield them from attacks before security companies release updates for brand new threats.
ModSecurity in VPS Hosting
ModSecurity is provided with all Hepsia-based virtual private servers
which we offer and it will be turned on automatically for every new domain or subdomain you add on the server. This way, any web application that you install shall be secured immediately without doing anything by hand on your end. The firewall may be managed via the section of the CP which bears the same name. This is the location whereyou could switch off ModSecurity or let its passive mode, so it won't take any action against threats, but shall still maintain a comprehensive log. The recorded data is available within the same section as well and you will be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we use on our servers are a mix between commercial ones we get from a security organization and custom ones which are included by our administrators to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers
which are integrated with our Hepsia CP and you won't have to do anything specific on your end to use it as it is activated by default whenever you add a new domain or subdomain on your server. In case it interferes with some of your applications, you shall be able to stop it via the respective area of Hepsia, or you could leave it operating in passive mode, so it will identify attacks and shall still keep a log for them, but will not prevent them. You may look at the logs later to learn what you can do to improve the protection of your websites since you shall find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, and so on. The rules which we use are commercial, thus they're regularly updated by a security company, but to be on the safe side, our administrators also add custom rules occasionally in order to react to any new threats they have found.