ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks against web apps. It tracks the HTTP traffic to a specific Internet site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - for instance, trying to log in to a script administrator area unsuccessfully several times triggers one rule, sending a request to execute a specific file that could result in accessing the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls available on the market and it'll secure even scripts that aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Very comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the regular logs created by the Apache server, so you can later analyze them and decide if you need to take additional measures in order to improve the security of your script-driven sites.
ModSecurity in Hosting
ModSecurity comes by default with all hosting plans which we provide and it'll be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your sites will include detailed info including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and include both commercial ones which we get from a third-party security company and custom ones which our system administrators include in case that they detect a new kind of attacks. In this way, the websites that you host here shall be much more secure without any action needed on your end.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity as a standard in all semi-dedicated server plans, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any website with a mouse click. You shall also be able to activate a passive detection mode in which ModSecurity will keep a log of possible attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so on. The list of rules we use is constantly updated in order to match any new threats which could appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they find a threat that's not present in the commercial list yet.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there shall not be anything special which you'll have to do to protect your websites. It shall take you a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You will be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to handle it, and so forth. We employ a mix of commercial and custom rules so as to make sure that ModSecurity shall block out as many threats as possible, consequently improving the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to use it as it's activated by default whenever you add a new domain or subdomain on your server. In the event that it interferes with any of your apps, you shall be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it shall detect attacks and will still maintain a log for them, but won't prevent them. You'll be able to look at the logs later to find out what you can do to improve the safety of your Internet sites since you'll find information such as where an intrusion attempt came from, what website was attacked and based on what rule ModSecurity responded, etc. The rules that we use are commercial, thus they are constantly updated by a security company, but to be on the safe side, our staff also add custom rules every now and then as to respond to any new threats they have discovered.