ModSecurity is an effective firewall for Apache web servers that is employed to stop attacks toward web apps. It keeps track of the HTTP traffic to a given website in real time and stops any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to accomplish that - as an illustration, trying to log in to a script admin area without success several times sets off one rule, sending a request to execute a certain file that may result in accessing the website triggers a different rule, and so forth. ModSecurity is one of the best firewalls out there and it will secure even scripts that aren't updated regularly because it can prevent attackers from using known exploits and security holes. Quite detailed data about every single intrusion attempt is recorded and the logs the firewall maintains are much more specific than the standard logs generated by the Apache server, so you can later take a look at them and determine if you need to take additional measures in order to increase the protection of your script-driven websites.
ModSecurity in Cloud Website Hosting
ModSecurity is offered with every single cloud website hosting plan that we offer and it is activated by default for every domain or subdomain which you add via your Hepsia Control Panel. If it interferes with any of your programs or you would like to disable it for any reason, you shall be able to do this through the ModSecurity area of Hepsia with just a mouse click. You could also activate a passive mode, so the firewall will identify potential attacks and keep a log, but shall not take any action. You can see detailed logs in the very same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so forth. For max protection of our customers we use a set of commercial firewall rules mixed with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer include ModSecurity and because the firewall is turned on by default, any site you set up under a domain or a subdomain shall be secured immediately. An individual section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any website or enable a detection mode. With the last option, ModSecurity will not take any action, but it will still identify possible attacks and will keep all info in a log as if it were 100% active. The logs could be found in the very same section of the CP and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules that we use on our web servers are a mix of commercial ones from a security firm and custom ones made by our system administrators. Therefore, we provide higher security for your web apps as we can protect them from attacks before security businesses release updates for new threats.
ModSecurity in VPS Servers
All VPS servers which are set up with the Hepsia CP come with ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the web server, so there shall not be anything special that you'll have to do to protect your sites. It will take you simply a click to stop ModSecurity if required or to activate its passive mode so that it records what happens without taking any actions to prevent intrusions. You shall be able to look at the logs generated in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to tackle it, and so on. We use a combination of commercial and custom rules so as to make certain that ModSecurity shall block as many threats as possible, thus enhancing the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
When you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web programs will be protected immediately since ModSecurity is provided with all Hepsia-based solutions. You shall be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only keep a log of what's taking place without taking any action to stop possible attacks. The logs that you can find inside the same section of the CP are incredibly detailed and include information about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data will permit you to take measures and boost the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators include every time they detect attacks that haven't yet been included within the commercial pack.