ModSecurity is an efficient firewall for Apache web servers which is employed to stop attacks toward web applications. It monitors the HTTP traffic to a specific website in real time and prevents any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a certain file that could result in gaining access to the Internet site triggers a different rule, and so forth. ModSecurity is among the best firewalls around and it will secure even scripts which are not updated frequently as it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about each intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the standard logs provided by the Apache server, so you can later take a look at them and decide if you need to take extra measures so as to increase the safety of your script-driven websites.
ModSecurity in Web Hosting
ModSecurity comes standard with all web hosting
solutions which we provide and it will be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with a click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to prevent them. The log for any of your Internet sites will include comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and comprise of both commercial ones that we get from a third-party security business and custom ones our system administrators include in case that they detect a new kind of attacks. That way, the websites you host here shall be much more protected without any action needed on your end.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard within all semi-dedicated server
products, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will permit you to enable or turn off the firewall for any site with a click. You shall also be able to turn on a passive detection mode in which ModSecurity will keep a log of potential attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it came from, etc. The list of rules which we use is regularly updated as to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our admins include in the event that they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS Servers
All VPS servers
that are provided with the Hepsia CP include ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there won't be anything special which you'll have to do to protect your Internet sites. It shall take you a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to view the logs created in passive or active mode from the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to handle it, etcetera. We use a mix of commercial and custom rules in order to make sure that ModSecurity shall block out as many risks as possible, consequently improving the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is available by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. In the event that a web application does not work properly, you may either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any potential attack which could occur, but will not take any action to stop it. The logs created in passive or active mode will present you with more details about the exact file which was attacked, the type of the attack and the IP address it came from, etc. This information will enable you to decide what measures you can take to improve the protection of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial pack from a third-party security provider we work with, but oftentimes our administrators include their own rules also when they find a new potential threat.