ModSecurity is a powerful firewall for Apache web servers that's employed to prevent attacks towards web apps. It monitors the HTTP traffic to a specific site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area unsuccessfully many times activates one rule, sending a request to execute a specific file that may result in getting access to the site triggers another rule, etcetera. ModSecurity is among the best firewalls available on the market and it will secure even scripts which are not updated frequently since it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about each intrusion attempt is recorded and the logs the firewall maintains are far more specific than the regular logs provided by the Apache server, so you could later examine them and decide if you need to take more measures in order to increase the security of your script-driven Internet sites.
ModSecurity in Shared Web Hosting
ModSecurity comes by default with all shared web hosting
solutions that we offer and it shall be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with only a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites shall contain comprehensive information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and comprise of both commercial ones that we get from a third-party security firm and custom ones which our system administrators add in the event that they detect a new sort of attacks. In this way, the Internet sites that you host here shall be way more secure without any action required on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
solutions and if you choose to host your Internet sites with us, there will not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains you add through your hosting Control Panel. If required, you could disable ModSecurity for a given Internet site or switch on the so-called detection mode in which case the firewall will still function and record information, but will not do anything to prevent possible attacks on your sites. Thorough logs shall be readily available within your Control Panel and you will be able to see what sort of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ 2 types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones that our admins sometimes add to respond to newly discovered risks promptly.
ModSecurity in VPS Servers
All VPS servers
which are offered with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there shall not be anything special which you will have to do to protect your sites. It will take you simply a click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any actions to stop intrusions. You'll be able to look at the logs produced in passive or active mode through the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to handle it, etc. We use a mix of commercial and custom rules so as to ensure that ModSecurity will prevent as many threats as possible, hence enhancing the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
All of our dedicated servers
which are installed with the Hepsia hosting CP include ModSecurity, so any application which you upload or set up will be protected from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll find in the logs can enable you to to secure your sites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, and so on. With this info, you'll be able to see whether a website needs an update, whether you ought to block IPs from accessing your server, etc. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well every time they find a new threat which is not yet a part of the commercial bundle.