ModSecurity is a powerful firewall for Apache web servers that's used to prevent attacks against web applications. It keeps track of the HTTP traffic to a given site in real time and prevents any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administration area without success many times sets off one rule, sending a request to execute a specific file which could result in accessing the Internet site triggers a different rule, etc. ModSecurity is among the best firewalls around and it'll protect even scripts that are not updated often as it can prevent attackers from using known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the standard logs created by the Apache server, so you may later analyze them and decide if you need to take extra measures in order to improve the security of your script-driven sites.
ModSecurity in Shared Hosting
ModSecurity is offered with every shared hosting plan that we provide and it is switched on by default for every domain or subdomain which you add via your Hepsia CP. If it disrupts any of your applications or you would like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity section of Hepsia with merely a click. You could also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You can view detailed logs in the exact same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For maximum security of our customers we use a collection of commercial firewall rules blended with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you opt to host your Internet sites with our company, there shall not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains which you add via your hosting Control Panel. If necessary, you can disable ModSecurity for a given website or turn on the so-called detection mode in which case the firewall shall still operate and record information, but will not do anything to stop potential attacks against your Internet sites. Thorough logs shall be available inside your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ two types of rules on our servers - commercial ones from a company that operates in the field of web security, and custom made ones that our administrators sometimes add to respond to newly found risks promptly.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers that we offer and it shall be turned on automatically for every new domain or subdomain which you add on the hosting server. This way, any web application which you install will be protected from the very beginning without doing anything by hand on your end. The firewall can be managed from the section of the Control Panel which bears the same name. This is the area whereyou could turn off ModSecurity or activate its passive mode, so it will not take any action toward threats, but shall still maintain a detailed log. The recorded data is available inside the same section as well and you'll be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we use on our servers are a blend between commercial ones which we get from a security organization and custom ones which are included by our administrators to enhance the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you won't need to do anything specific on your end to employ it as it's switched on by default every time you add a new domain or subdomain on your server. If it interferes with any of your applications, you will be able to stop it via the respective part of Hepsia, or you may leave it working in passive mode, so it'll identify attacks and shall still maintain a log for them, but shall not block them. You can examine the logs later to find out what you can do to enhance the protection of your sites as you'll find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules that we use are commercial, thus they are regularly updated by a security firm, but to be on the safe side, our admins also include custom rules once in a while in order to deal with any new threats they have discovered.