ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks against web apps. It monitors the HTTP traffic to a specific site in real time and blocks any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do this - as an example, attempting to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a particular file that may result in accessing the Internet site triggers another rule, and so forth. ModSecurity is one of the best firewalls around and it will protect even scripts which are not updated regularly since it can prevent attackers from employing known exploits and security holes. Very thorough info about every intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the regular logs created by the Apache server, so you may later analyze them and determine if you need to take additional measures so as to increase the protection of your script-driven sites.
ModSecurity in Shared Website Hosting
ModSecurity is supplied with all shared website hosting machines, so when you opt to host your websites with our company, they will be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view detailed logs via your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our customers' sites very seriously, we use a collection of commercial rules which we take from one of the top companies which maintain this type of rules. Our administrators also include custom rules to make sure that your websites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
We have included ModSecurity by default within all semi-dedicated hosting products, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts shall allow you to activate or disable the firewall for any site with a click. You shall also have the ability to activate a passive detection mode in which ModSecurity will keep a log of possible attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack activated, where it originated from, and so forth. The list of rules that we use is constantly updated as to match any new threats which may appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our administrators include if they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web apps shall be protected from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to disable it with a mouse click through the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the exact same section and provide info about the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we use not just commercial rules from a company operating in the field of web security, but also custom ones which our administrators include personally so as to respond to new threats that are still not addressed in the commercial rules.
ModSecurity in Dedicated Web Hosting
All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app which you upload or set up shall be secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you shall find in the logs can easily enable you to to secure your Internet sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this info, you'll be able to see whether an Internet site needs an update, if you ought to block IPs from accessing your hosting server, etc. Besides the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well whenever they discover a new threat which is not yet a part of the commercial bundle.