ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks toward web applications. It keeps track of the HTTP traffic to a given Internet site in real time and stops any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - as an example, trying to log in to a script administration area unsuccessfully many times triggers one rule, sending a request to execute a certain file which may result in accessing the site triggers another rule, etcetera. ModSecurity is one of the best firewalls available and it will preserve even scripts which aren't updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the regular logs created by the Apache server, so you may later examine them and decide whether you need to take extra measures in order to boost the safety of your script-driven websites.
ModSecurity in Shared Web Hosting
ModSecurity is provided with all shared web hosting
machines, so if you choose to host your websites with our organization, they shall be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any site if necessary, or to switch on a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You shall be able to view detailed logs using your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the safety of our customers' Internet sites very seriously, we employ a collection of commercial rules which we take from one of the leading companies which maintain this type of rules. Our admins also add custom rules to make sure that your Internet sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
packages that we offer come with ModSecurity and because the firewall is turned on by default, any site which you create under a domain or a subdomain shall be secured straight away. An individual section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still recognize possible attacks and shall keep all information within a log as if it were fully active. The logs can be found in the exact same section of the CP and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules which we employ on our machines are a mix of commercial ones from a security business and custom ones developed by our system admins. For that reason, we offer greater security for your web applications as we can shield them from attacks before security firms release updates for new threats.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
which we offer and it will be switched on automatically for every new domain or subdomain which you add on the web server. In this way, any web application you install shall be protected from the very beginning without doing anything by hand on your end. The firewall may be handled from the section of the Control Panel that bears the same name. This is the location in whichyou'll be able to turn off ModSecurity or let its passive mode, so it will not take any action against threats, but will still keep a thorough log. The recorded info is available inside the same area as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we employ on our servers are a mix between commercial ones which we obtain from a security firm and custom ones that are added by our admins to optimize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
If you opt to host your Internet sites on a dedicated server
with the Hepsia CP, your web apps will be secured straight away because ModSecurity is provided with all Hepsia-based plans. You will be able to control the firewall easily and if needed, you will be able to turn it off or enable its passive mode when it will only keep a log of what's taking place without taking any action to prevent possible attacks. The logs which you will find within the very same section of the Control Panel are quite detailed and feature information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This info will permit you to take measures and improve the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators add every time they detect attacks which have not yet been included inside the commercial pack.