ModSecurity is an efficient firewall for Apache web servers that's used to prevent attacks toward web applications. It monitors the HTTP traffic to a given Internet site in real time and stops any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do that - for example, trying to log in to a script admin area without success several times activates one rule, sending a request to execute a particular file which may result in gaining access to the website triggers another rule, and so forth. ModSecurity is among the best firewalls available on the market and it will protect even scripts that are not updated frequently since it can prevent attackers from using known exploits and security holes. Very comprehensive info about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the standard logs created by the Apache server, so you may later analyze them and decide whether you need to take additional measures so as to increase the protection of your script-driven Internet sites.
ModSecurity in Website Hosting
ModSecurity is provided with all website hosting servers, so when you decide to host your sites with our company, they will be shielded from a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the protection of our customers' sites very seriously, we employ a selection of commercial rules that we get from one of the top companies that maintain this type of rules. Our administrators also include custom rules to make sure that your Internet sites will be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer come with ModSecurity and since the firewall is switched on by default, any Internet site which you set up under a domain or a subdomain shall be secured right from the start. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still recognize possible attacks and will keep all data in a log as if it were completely active. The logs could be found within the same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we employ on our servers are a mix of commercial ones from a security company and custom ones made by our system administrators. As a result, we offer greater security for your web programs as we can shield them from attacks before security companies release updates for new threats.
ModSecurity in VPS Hosting
All virtual private servers that are provided with the Hepsia CP feature ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there will not be anything special that you'll have to do to protect your Internet sites. It shall take you simply a click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You'll be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to handle it, etcetera. We use a mixture of commercial and custom rules in order to make sure that ModSecurity will block as many risks as possible, hence improving the security of your web programs as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In case that a web app doesn't operate correctly, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any potential attack that may happen, but will not take any action to prevent it. The logs produced in passive or active mode will offer you more details about the exact file that was attacked, the type of the attack and the IP it originated from, and so on. This information will permit you to determine what steps you can take to enhance the protection of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security enterprise we work with, but from time to time our staff add their own rules as well in case they come across a new potential threat.