ModSecurity is an effective firewall for Apache web servers which is employed to stop attacks toward web apps. It tracks the HTTP traffic to a particular website in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do this - as an illustration, trying to log in to a script admin area unsuccessfully a few times triggers one rule, sending a request to execute a certain file that may result in gaining access to the site triggers another rule, etc. ModSecurity is one of the best firewalls available on the market and it'll preserve even scripts which aren't updated regularly as it can prevent attackers from employing known exploits and security holes. Incredibly detailed data about every intrusion attempt is recorded and the logs the firewall keeps are far more specific than the standard logs generated by the Apache server, so you may later analyze them and decide whether you need to take additional measures in order to increase the security of your script-driven websites.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting solutions, so your Internet apps will be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you'll find in Hepsia are incredibly detailed and include information about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etc. We employ a set of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting solutions and if you opt to host your Internet sites with our company, there won't be anything special you'll need to do as the firewall is activated by default for all domains and subdomains you add through your hosting CP. If required, you could disable ModSecurity for a particular Internet site or turn on the so-called detection mode in which case the firewall shall still function and record data, but won't do anything to stop possible attacks against your Internet sites. In depth logs will be available within your Control Panel and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so on. We use two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our administrators often include to respond to newly found threats promptly.
ModSecurity in VPS Web Hosting
All virtual private servers that are provided with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the machine, so there shall not be anything special that you'll need to do to protect your sites. It'll take you only a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what happens without taking any actions to prevent intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to handle it, etcetera. We employ a mixture of commercial and custom rules in order to make certain that ModSecurity shall prevent as many threats as possible, hence improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the server. In the event that a web app doesn't operate adequately, you can either turn off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may take place, but will not take any action to prevent it. The logs produced in passive or active mode will give you more details about the exact file that was attacked, the nature of the attack and the IP address it came from, etcetera. This info shall enable you to determine what actions you can take to boost the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial bundle from a third-party security provider we work with, but oftentimes our administrators include their own rules also in case they find a new potential threat.