ModSecurity is an effective firewall for Apache web servers that's employed to prevent attacks against web apps. It monitors the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - as an example, trying to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a particular file which may result in getting access to the website triggers another rule, etcetera. ModSecurity is among the best firewalls on the market and it'll secure even scripts that are not updated regularly because it can prevent attackers from using known exploits and security holes. Very thorough information about each intrusion attempt is recorded and the logs the firewall keeps are much more specific than the conventional logs created by the Apache server, so you can later analyze them and decide if you need to take more measures so as to boost the safety of your script-driven Internet sites.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting solutions, so your web apps will be shielded from malicious attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you will be able to stop it through the respective section of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll find inside Hepsia are extremely detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etc. We employ a group of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
Any web application which you install within your new semi-dedicated server account shall be protected by ModSecurity since the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain that you add or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area within Hepsia where not simply can you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall will not stop anything, but it shall still maintain a record of potential attacks. This takes just a click and you shall be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, etc. The firewall employs 2 groups of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually as to respond to newly discovered risks as fast as possible.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers that we offer and it will be turned on automatically for every new domain or subdomain you add on the web server. That way, any web app that you install will be secured immediately without doing anything manually on your end. The firewall may be managed via the section of the Control Panel that bears the same name. This is the place whereyou'll be able to turn off ModSecurity or let its passive mode, so it shall not take any action towards threats, but will still keep a detailed log. The recorded information is available inside the same area as well and you shall be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a blend between commercial ones that we get from a security organization and custom ones that are added by our admins to maximize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In the event that a web app doesn't work correctly, you can either switch off the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any possible attack which may take place, but shall not take any action to prevent it. The logs generated in active or passive mode will offer you more details about the exact file which was attacked, the type of the attack and the IP address it came from, etcetera. This information will allow you to decide what measures you can take to boost the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial pack from a third-party security firm we work with, but sometimes our administrators add their own rules as well when they identify a new potential threat.