ModSecurity is a powerful firewall for Apache web servers that is employed to prevent attacks against web applications. It tracks the HTTP traffic to a given website in real time and prevents any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script admin area without success several times triggers one rule, sending a request to execute a specific file that could result in getting access to the site triggers another rule, etcetera. ModSecurity is one of the best firewalls around and it'll secure even scripts which are not updated often as it can prevent attackers from using known exploits and security holes. Incredibly comprehensive info about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the conventional logs generated by the Apache server, so you may later take a look at them and determine whether you need to take additional measures so as to enhance the security of your script-driven sites.
ModSecurity in Website Hosting
ModSecurity is available with each and every website hosting package which we provide and it's turned on by default for every domain or subdomain which you add through your Hepsia CP. In the event that it interferes with any of your programs or you would like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with merely a mouse click. You may also activate a passive mode, so the firewall will recognize possible attacks and maintain a log, but shall not take any action. You'll be able to see extensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max protection of our customers we use a set of commercial firewall rules blended with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer come with ModSecurity and given that the firewall is enabled by default, any site which you create under a domain or a subdomain will be secured straight away. A separate section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any Internet site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all information inside a log as if it were 100% active. The logs can be found in the exact same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules which we employ on our web servers are a mix between commercial ones from a security business and custom ones made by our system administrators. For that reason, we offer higher security for your web applications as we can protect them from attacks even before security corporations release updates for completely new threats.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be switched on automatically for every new domain or subdomain that you add on the hosting server. This way, any web app you install shall be secured from the very beginning without doing anything by hand on your end. The firewall may be handled via the section of the CP which has the same name. This is the place in whichyou could switch off ModSecurity or enable its passive mode, so it shall not take any action toward threats, but will still maintain a thorough log. The recorded data is available within the same area as well and you'll be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we use on our servers are a combination between commercial ones we obtain from a security company and custom ones that are added by our administrators to improve the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In case that a web application doesn't work correctly, you can either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any potential attack that may occur, but won't take any action to stop it. The logs produced in passive or active mode will provide you with more details about the exact file that was attacked, the form of the attack and the IP address it came from, and so forth. This data will permit you to determine what actions you can take to increase the safety of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial package from a third-party security provider we work with, but from time to time our staff include their own rules as well if they identify a new potential threat.