ModSecurity is an efficient firewall for Apache web servers which is employed to prevent attacks against web apps. It monitors the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for example, trying to log in to a script administrator area without success a few times activates one rule, sending a request to execute a certain file which may result in gaining access to the website triggers a different rule, and so forth. ModSecurity is one of the best firewalls available on the market and it will secure even scripts that aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Quite thorough info about each and every intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the conventional logs created by the Apache server, so you may later take a look at them and decide whether you need to take additional measures in order to increase the security of your script-driven sites.
ModSecurity in Cloud Web Hosting
ModSecurity comes standard with all cloud web hosting plans which we provide and it'll be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your Internet sites will feature detailed information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are frequently updated and include both commercial ones we get from a third-party security company and custom ones our system admins add in the event that they detect a new kind of attacks. This way, the Internet sites which you host here will be far more protected without any action expected on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans that we offer include ModSecurity and because the firewall is switched on by default, any Internet site which you build under a domain or a subdomain shall be secured right away. An independent section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to start and stop the firewall for any site or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still recognize possible attacks and shall keep all info in a log as if it were 100% active. The logs could be found in the exact same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules that we use on our machines are a mix between commercial ones from a security company and custom ones developed by our system administrators. Consequently, we provide higher security for your web programs as we can shield them from attacks even before security companies release updates for brand new threats.
ModSecurity in VPS Web Hosting
Security is of the utmost importance to us, so we set up ModSecurity on all virtual private servers which are made available with the Hepsia Control Panel as a standard. The firewall could be managed via a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you won't have to do anything manually. You'll also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of possible attacks you can later examine, but won't stop them. The logs in both passive and active modes include info about the type of the attack and how it was eliminated, what IP address it originated from and other valuable information which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules as every now and then we identify specific attacks which aren't yet present inside the commercial group. That way, we could enhance the protection of your Virtual private server immediately as opposed to waiting for a certified update.
ModSecurity in Dedicated Servers Hosting
If you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web apps will be secured immediately since ModSecurity is supplied with all Hepsia-based plans. You will be able to regulate the firewall easily and if needed, you will be able to turn it off or switch on its passive mode when it will only keep a log of what's taking place without taking any action to prevent possible attacks. The logs which you can find within the very same section of the Control Panel are incredibly detailed and contain info about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This information will enable you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff include when they identify attacks which have not yet been included inside the commercial pack.