ModSecurity is an effective firewall for Apache web servers that's used to stop attacks toward web apps. It keeps track of the HTTP traffic to a particular site in real time and stops any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script admin area unsuccessfully several times triggers one rule, sending a request to execute a specific file that may result in accessing the Internet site triggers a different rule, and so forth. ModSecurity is one of the best firewalls around and it'll protect even scripts which aren't updated regularly since it can prevent attackers from employing known exploits and security holes. Quite thorough data about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs generated by the Apache server, so you can later take a look at them and determine whether you need to take additional measures so as to enhance the protection of your script-driven Internet sites.
ModSecurity in Website Hosting
ModSecurity is provided with all website hosting servers, so when you choose to host your sites with our company, they'll be resistant to a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will have to do on your end. You will be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the safety of our customers' Internet sites seriously, we use a set of commercial rules which we get from one of the top companies which maintain this type of rules. Our admins also add custom rules to make certain that your Internet sites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you opt to host your websites with our company, there won't be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains which you include via your hosting CP. If needed, you'll be able to disable ModSecurity for a particular Internet site or switch on the so-called detection mode in which case the firewall shall still operate and record information, but will not do anything to prevent potential attacks on your sites. Thorough logs shall be readily available within your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so on. We use two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones that our admins often add to respond to newly discovered threats in a timely manner.
ModSecurity in VPS Servers
All VPS servers which are provided with the Hepsia CP include ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the server, so there shall not be anything special which you'll need to do to protect your Internet sites. It'll take you a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any steps to prevent intrusions. You shall be able to look at the logs generated in active or passive mode through the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so forth. We use a combination of commercial and custom rules in order to ensure that ModSecurity will block as many risks as possible, hence boosting the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or set up will be secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you'll see in the logs can allow you to to secure your websites better - the IP an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this information, you can see whether a site needs an update, if you should block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones too if they discover a new threat that is not yet in the commercial bundle.