ModSecurity is an effective firewall for Apache web servers that is used to stop attacks toward web apps. It tracks the HTTP traffic to a given Internet site in real time and blocks any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a particular file which may result in getting access to the Internet site triggers a different rule, etc. ModSecurity is among the best firewalls out there and it will protect even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Incredibly thorough data about every intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the standard logs provided by the Apache server, so you can later examine them and decide whether you need to take more measures in order to increase the protection of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity is available on all shared hosting web servers, so when you choose to host your websites with our firm, they shall be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs through your Hepsia CP including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the safety of our clients' Internet sites very seriously, we employ a group of commercial rules that we take from one of the top firms that maintain this type of rules. Our admins also add custom rules to ensure that your sites shall be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer come with ModSecurity and because the firewall is switched on by default, any Internet site which you create under a domain or a subdomain will be secured immediately. A separate section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any site or enable a detection mode. With the last option, ModSecurity shall not take any action, but it'll still identify possible attacks and shall keep all information inside a log as if it were 100% active. The logs could be found inside the very same section of the Control Panel and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we use on our web servers are a mix of commercial ones from a security company and custom ones created by our system administrators. Consequently, we provide greater security for your web programs as we can defend them from attacks even before security firms release updates for completely new threats.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting Control Panel, so your web programs will be protected from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a click through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs are available in the same section and offer details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we employ not only commercial rules from a business working in the field of web security, but also custom ones that our administrators include manually in order to react to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers Hosting
ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it as it is activated by default each time you add a new domain or subdomain on your server. In the event that it disrupts some of your apps, you will be able to stop it via the respective part of Hepsia, or you may leave it operating in passive mode, so it will detect attacks and will still maintain a log for them, but won't block them. You could examine the logs later to determine what you can do to improve the security of your sites since you'll find information such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, and so forth. The rules we use are commercial, thus they are frequently updated by a security company, but to be on the safe side, our staff also add custom rules once in a while as to react to any new threats they have discovered.