ModSecurity is an effective firewall for Apache web servers that's used to stop attacks towards web applications. It tracks the HTTP traffic to a particular site in real time and stops any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administrator area without success several times activates one rule, sending a request to execute a certain file which may result in gaining access to the website triggers another rule, and so on. ModSecurity is amongst the best firewalls around and it'll secure even scripts which are not updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Very comprehensive information about every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the conventional logs generated by the Apache server, so you may later take a look at them and determine if you need to take extra measures in order to improve the safety of your script-driven sites.
ModSecurity in Website Hosting
ModSecurity is available on all website hosting machines, so when you opt to host your websites with our organization, they shall be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any site if required, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view detailed logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our clients' websites very seriously, we employ a set of commercial rules that we get from one of the leading companies that maintain this type of rules. Our admins also include custom rules to ensure that your websites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity by default inside all semi-dedicated server plans, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any site with a mouse click. You'll also have the ability to turn on a passive detection mode with which ModSecurity shall keep a log of potential attacks without really stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, etc. The list of rules which we employ is regularly updated in order to match any new risks that could appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones which our administrators add if they discover a threat that's not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it shall be turned on automatically for any new domain or subdomain which you include on the server. In this way, any web app that you install will be secured from the very beginning without doing anything manually on your end. The firewall could be managed through the section of the CP that has the same name. This is the location whereyou can turn off ModSecurity or let its passive mode, so it will not take any action towards threats, but shall still maintain a detailed log. The recorded information is available inside the same section as well and you'll be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we employ on our servers are a mix between commercial ones we obtain from a security firm and custom ones that are included by our administrators to enhance the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In the event that a web app does not work properly, you can either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack which could take place, but shall not take any action to stop it. The logs generated in passive or active mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP it came from, etc. This data shall enable you to decide what steps you can take to increase the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial pack from a third-party security provider we work with, but from time to time our admins include their own rules as well in case they find a new potential threat.