ModSecurity is an efficient firewall for Apache web servers which is used to prevent attacks towards web apps. It monitors the HTTP traffic to a specific site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - as an illustration, attempting to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a specific file which may result in accessing the Internet site triggers a different rule, and so on. ModSecurity is among the best firewalls out there and it will protect even scripts which aren't updated often since it can prevent attackers from using known exploits and security holes. Incredibly thorough information about every single intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the regular logs generated by the Apache server, so you can later analyze them and decide if you need to take extra measures in order to improve the security of your script-driven Internet sites.
ModSecurity in Website Hosting
ModSecurity is available on all website hosting servers, so when you choose to host your Internet sites with our firm, they'll be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs from your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. As we take the protection of our customers' sites seriously, we use a selection of commercial rules which we get from one of the leading companies that maintain this kind of rules. Our administrators also add custom rules to make certain that your Internet sites will be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web program that you set up within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it fully, but you could also enable a passive mode, so the firewall shall not stop anything, but it shall still keep a record of potential attacks. This normally requires just a mouse click and you shall be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so forth. The firewall uses 2 groups of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to recently discovered risks immediately.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any program which you upload or install will be protected from the very beginning and you won't have to stress about common attacks or vulnerabilities. A separate section inside Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you will find in the logs can help you to secure your sites better - the IP address an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you could see if a website needs an update, whether you ought to block IPs from accessing your web server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well when they discover a new threat that's not yet in the commercial bundle.