ModSecurity is a powerful firewall for Apache web servers that is used to prevent attacks against web applications. It tracks the HTTP traffic to a specific website in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script administration area without success several times activates one rule, sending a request to execute a particular file that may result in getting access to the website triggers a different rule, etcetera. ModSecurity is one of the best firewalls available and it'll secure even scripts which aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Incredibly thorough information about every intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the conventional logs provided by the Apache server, so you could later take a look at them and decide whether you need to take additional measures in order to improve the protection of your script-driven Internet sites.
ModSecurity in Shared Web Hosting
ModSecurity is provided with all shared web hosting web servers, so when you opt to host your Internet sites with our company, they'll be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any site if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the safety of our clients' Internet sites seriously, we employ a collection of commercial rules which we take from one of the best companies which maintain this kind of rules. Our administrators also include custom rules to ensure that your sites will be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity as a standard within all semi-dedicated server packages, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will allow you to activate or turn off the firewall for any website with a click. You'll also have the ability to switch on a passive detection mode through which ModSecurity will keep a log of possible attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack activated, where it originated from, and so forth. The list of rules that we use is regularly updated as to match any new risks that may appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our administrators add in the event that they find a threat that's not present in the commercial list yet.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there shall not be anything special which you'll have to do to protect your websites. It'll take you only a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You will be able to see the logs produced in active or passive mode from the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We use a mixture of commercial and custom rules so as to make sure that ModSecurity will stop as many threats as possible, thus increasing the protection of your web programs as much as possible.
ModSecurity in Dedicated Servers
If you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web apps will be secured immediately as ModSecurity is provided with all Hepsia-based plans. You shall be able to regulate the firewall effortlessly and if necessary, you shall be able to turn it off or switch on its passive mode when it'll only keep a log of what is occurring without taking any action to prevent possible attacks. The logs which you can find in the very same section of the CP are incredibly detailed and include data about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This information shall enable you to take measures and increase the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff include every time they identify attacks that haven't yet been included inside the commercial pack.