ModSecurity is a powerful firewall for Apache web servers that is employed to prevent attacks against web apps. It monitors the HTTP traffic to a given site in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to do that - for instance, attempting to log in to a script admin area without success many times activates one rule, sending a request to execute a particular file that may result in accessing the site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it will protect even scripts which are not updated regularly since it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about each and every intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the conventional logs created by the Apache server, so you can later examine them and decide if you need to take extra measures so as to increase the security of your script-driven sites.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting solutions that we offer and it'll be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could switch on and disable it with simply a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your Internet sites will feature comprehensive info including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are regularly updated and comprise of both commercial ones which we get from a third-party security firm and custom ones that our system administrators add in case that they detect a new sort of attacks. This way, the websites that you host here will be way more protected with no action expected on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans that we offer come with ModSecurity and given that the firewall is switched on by default, any Internet site you build under a domain or a subdomain shall be secured right from the start. An independent section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any site or enable a detection mode. With the latter, ModSecurity won't take any action, but it shall still recognize possible attacks and will keep all info inside a log as if it were completely active. The logs can be found within the exact same section of the CP and they offer information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules that we employ on our servers are a mix between commercial ones from a security company and custom ones developed by our system administrators. Consequently, we offer greater security for your web applications as we can shield them from attacks even before security firms release updates for completely new threats.
ModSecurity in VPS Web Hosting
All virtual private servers that are set up with the Hepsia CP feature ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the web server, so there won't be anything special which you'll have to do to protect your Internet sites. It shall take you a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any measures to stop intrusions. You shall be able to view the logs produced in active or passive mode through the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to handle it, etcetera. We employ a mixture of commercial and custom rules in order to make certain that ModSecurity will stop as many risks as possible, hence boosting the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it as it is activated by default every time you add a new domain or subdomain on your web server. In the event that it disrupts any of your apps, you shall be able to stop it via the respective area of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and will still maintain a log for them, but won't prevent them. You could look at the logs later to learn what you can do to improve the security of your sites as you shall find details such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, etcetera. The rules we use are commercial, thus they are frequently updated by a security company, but to be on the safe side, our staff also add custom rules from time to time in order to react to any new threats they have found.