ModSecurity is a powerful firewall for Apache web servers that's employed to prevent attacks against web apps. It tracks the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a particular file that could result in getting access to the site triggers another rule, and so forth. ModSecurity is among the best firewalls available and it will secure even scripts that aren't updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly comprehensive info about every intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs provided by the Apache server, so you may later analyze them and determine if you need to take extra measures in order to boost the security of your script-driven Internet sites.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting packages, so your web apps will be shielded from harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you will be able to stop it via the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you shall find inside Hepsia are extremely detailed and feature data about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We employ a group of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you choose to host your websites with us, there won't be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains that you add through your hosting CP. If necessary, you can disable ModSecurity for a particular site or turn on the so-called detection mode in which case the firewall will still operate and record information, but shall not do anything to prevent possible attacks on your websites. Detailed logs shall be available inside your Control Panel and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etc. We use two types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones which our admins sometimes add to respond to newly found risks on time.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers that we offer and it'll be activated automatically for any new domain or subdomain you include on the web server. In this way, any web application you install shall be secured right from the start without doing anything personally on your end. The firewall can be managed via the section of the CP which bears the same name. This is the location in whichyou can turn off ModSecurity or enable its passive mode, so it will not take any action toward threats, but will still keep a thorough log. The recorded information is available in the same section as well and you shall be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a blend between commercial ones that we get from a security company and custom ones that are added by our administrators to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
If you choose to host your sites on a dedicated server with the Hepsia CP, your web programs shall be protected immediately because ModSecurity is supplied with all Hepsia-based packages. You'll be able to manage the firewall without difficulty and if needed, you'll be able to turn it off or enable its passive mode when it shall only maintain a log of what's taking place without taking any action to prevent possible attacks. The logs which you can find within the very same section of the Control Panel are very detailed and contain details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This data will permit you to take measures and increase the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff add every time they detect attacks which haven't yet been included within the commercial pack.