ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks against web apps. It tracks the HTTP traffic to a certain website in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script administrator area unsuccessfully many times activates one rule, sending a request to execute a specific file that could result in gaining access to the website triggers another rule, and so on. ModSecurity is among the best firewalls available on the market and it'll secure even scripts that aren't updated on a regular basis as it can prevent attackers from using known exploits and security holes. Quite thorough data about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs created by the Apache server, so you could later take a look at them and decide whether you need to take more measures in order to enhance the safety of your script-driven websites.
ModSecurity in Web Hosting
ModSecurity can be found with each web hosting plan that we provide and it is switched on by default for any domain or subdomain which you add via your Hepsia CP. If it interferes with any of your apps or you'd like to disable it for any reason, you will be able to do this through the ModSecurity section of Hepsia with only a click. You can also enable a passive mode, so the firewall will recognize possible attacks and keep a log, but won't take any action. You could see detailed logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum safety of our clients we use a collection of commercial firewall rules blended with custom ones which are included by our system admins.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you opt to host your Internet sites with our company, there shall not be anything special you will have to do as the firewall is turned on by default for all domains and subdomains which you add using your hosting CP. If required, you could disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall will still work and record info, but won't do anything to stop potential attacks against your sites. Comprehensive logs will be accessible in your Control Panel and you'll be able to see what sort of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We employ two sorts of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our administrators often include to respond to newly identified risks promptly.
ModSecurity in VPS Web Hosting
ModSecurity comes with all Hepsia-based virtual private servers which we offer and it will be activated automatically for every new domain or subdomain you include on the machine. That way, any web app which you install will be protected from the very beginning without doing anything personally on your end. The firewall may be managed via the section of the Control Panel which bears the same name. This is the area whereyou'll be able to switch off ModSecurity or activate its passive mode, so it shall not take any action towards threats, but will still maintain a comprehensive log. The recorded data is available in the same section as well and you shall be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a combination between commercial ones we obtain from a security firm and custom ones that are included by our admins to maximize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers Hosting
When you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured immediately as ModSecurity is provided with all Hepsia-based packages. You'll be able to manage the firewall effortlessly and if required, you will be able to turn it off or activate its passive mode when it will only keep a log of what's taking place without taking any action to prevent potential attacks. The logs that you will find within the exact same section of the CP are quite detailed and include details about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so on. This info will enable you to take measures and improve the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins include whenever they identify attacks that haven't yet been included within the commercial pack.