ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks towards web apps. It monitors the HTTP traffic to a particular site in real time and stops any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do this - for example, attempting to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a particular file which could result in gaining access to the Internet site triggers a different rule, and so on. ModSecurity is amongst the best firewalls around and it will secure even scripts that are not updated regularly because it can prevent attackers from employing known exploits and security holes. Quite detailed data about each intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs created by the Apache server, so you can later examine them and decide if you need to take additional measures in order to improve the safety of your script-driven sites.
ModSecurity in Shared Hosting
ModSecurity is available with each shared hosting
plan that we provide and it's turned on by default for every domain or subdomain that you include through your Hepsia CP. If it disrupts any of your programs or you would like to disable it for some reason, you will be able to accomplish that through the ModSecurity area of Hepsia with only a click. You may also activate a passive mode, so the firewall will discover potential attacks and keep a log, but will not take any action. You can see comprehensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For max security of our clients we use a collection of commercial firewall rules blended with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
packages and if you opt to host your Internet sites with us, there shall not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains that you add through your hosting CP. If necessary, you could disable ModSecurity for a particular Internet site or switch on the so-called detection mode in which case the firewall shall still work and record information, but shall not do anything to stop potential attacks on your sites. In depth logs will be accessible in your CP and you will be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We employ 2 types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones which our administrators occasionally add to respond to newly found threats promptly.
ModSecurity in VPS Servers
Security is essential to us, so we set up ModSecurity on all VPS servers
which are set up with the Hepsia Control Panel by default. The firewall could be managed via a dedicated section within Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you'll not have to do anything personally. You'll also be able to disable it or switch on the so-called detection mode, so it shall maintain a log of possible attacks which you can later examine, but won't stop them. The logs in both passive and active modes include info regarding the kind of the attack and how it was stopped, what IP address it originated from and other useful info which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules because occasionally we find specific attacks that are not yet present within the commercial package. That way, we could enhance the security of your VPS right away rather than awaiting an official update.
ModSecurity in Dedicated Servers
When you opt to host your Internet sites on a dedicated server
with the Hepsia Control Panel, your web applications will be secured right from the start since ModSecurity is provided with all Hepsia-based plans. You shall be able to regulate the firewall without difficulty and if needed, you shall be able to turn it off or enable its passive mode when it'll only maintain a log of what's happening without taking any action to stop possible attacks. The logs which you will find inside the same section of the Control Panel are very detailed and include data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This info shall permit you to take measures and boost the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff add when they detect attacks which haven't yet been included within the commercial pack.