ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks toward web apps. It tracks the HTTP traffic to a specific website in real time and stops any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a specific file which could result in accessing the site triggers a different rule, etcetera. ModSecurity is among the best firewalls around and it'll secure even scripts which aren't updated often since it can prevent attackers from employing known exploits and security holes. Quite thorough info about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the regular logs created by the Apache server, so you can later take a look at them and determine whether you need to take more measures in order to increase the safety of your script-driven sites.
ModSecurity in Cloud Hosting
ModSecurity is available on all cloud hosting
servers, so when you decide to host your Internet sites with our company, they will be resistant to an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if required, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view detailed logs from your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the security of our clients' websites very seriously, we employ a group of commercial rules that we take from one of the leading firms that maintain this kind of rules. Our administrators also add custom rules to make sure that your Internet sites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
plans and if you choose to host your websites with us, there will not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains that you include via your hosting CP. If necessary, you could disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall will still operate and record information, but won't do anything to stop possible attacks against your websites. Detailed logs will be available inside your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We use 2 types of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our admins sometimes add to respond to newly found threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are offered with the Hepsia hosting Control Panel, so your web apps will be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you'll be able to disable it with a click of your mouse through the corresponding section of Hepsia. You may also set it to function in detection mode, so it will maintain a detailed log of any possible attacks without taking any action to prevent them. The logs are available within the exact same section and offer details about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we use not only commercial rules from a firm working in the field of web security, but also custom ones that our administrators add personally in order to respond to new risks that are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers
which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. Just in case that a web app does not work adequately, you could either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which may occur, but will not take any action to prevent it. The logs produced in passive or active mode shall present you with more details about the exact file that was attacked, the nature of the attack and the IP it came from, etcetera. This information will permit you to determine what actions you can take to increase the security of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security company we work with, but occasionally our admins add their own rules also if they discover a new potential threat.