ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks towards web applications. It keeps track of the HTTP traffic to a given Internet site in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do that - for example, attempting to log in to a script administrator area unsuccessfully several times activates one rule, sending a request to execute a specific file which may result in gaining access to the site triggers a different rule, etcetera. ModSecurity is one of the best firewalls on the market and it'll protect even scripts that aren't updated often since it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive information about each intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the conventional logs generated by the Apache server, so you could later analyze them and decide if you need to take extra measures so as to increase the protection of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity is supplied with all shared hosting web servers, so if you choose to host your websites with our company, they shall be protected against a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You'll be able to stop ModSecurity for any site if needed, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs from your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our customers' sites seriously, we use a collection of commercial rules which we take from one of the leading firms that maintain this sort of rules. Our admins also include custom rules to make certain that your Internet sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting plans and if you decide to host your websites with our company, there won't be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains which you add via your hosting Control Panel. If required, you could disable ModSecurity for a given website or enable the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to stop possible attacks on your websites. In depth logs shall be accessible in your CP and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so forth. We employ 2 types of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones which our admins often include to respond to newly found threats in a timely manner.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting Control Panel, so your web apps will be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you could deactivate it with a mouse click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available within the exact same section and offer information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we use not just commercial rules from a business operating in the field of web security, but also custom ones that our admins include personally so as to react to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not need to do anything specific on your end to employ it because it's enabled by default each time you include a new domain or subdomain on your server. In the event that it disrupts any of your applications, you shall be able to stop it through the respective area of Hepsia, or you could leave it operating in passive mode, so it will recognize attacks and shall still maintain a log for them, but won't prevent them. You may look at the logs later to learn what you can do to enhance the security of your sites as you'll find info such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, and so on. The rules that we use are commercial, therefore they're frequently updated by a security provider, but to be on the safe side, our administrators also add custom rules once in a while in order to respond to any new threats they have identified.