ModSecurity is a highly effective firewall for Apache web servers that is used to stop attacks towards web apps. It keeps track of the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script admin area unsuccessfully many times sets off one rule, sending a request to execute a particular file that could result in getting access to the Internet site triggers a different rule, and so on. ModSecurity is one of the best firewalls available and it will preserve even scripts that are not updated regularly since it can prevent attackers from using known exploits and security holes. Incredibly detailed data about each and every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the standard logs generated by the Apache server, so you can later take a look at them and determine if you need to take extra measures so as to increase the protection of your script-driven Internet sites.
ModSecurity in Website Hosting
ModSecurity comes by default with all website hosting solutions which we supply and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and disable it with just a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your websites will include comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and include both commercial ones that we get from a third-party security firm and custom ones that our system administrators add in the event that they detect a new sort of attacks. That way, the Internet sites that you host here will be far more protected with no action expected on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions which we offer feature ModSecurity and since the firewall is turned on by default, any website which you build under a domain or a subdomain will be secured immediately. A separate section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to stop and start the firewall for any website or enable a detection mode. With the latter, ModSecurity shall not take any action, but it will still recognize possible attacks and shall keep all information inside a log as if it were fully active. The logs can be found inside the same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we use on our web servers are a mix of commercial ones from a security business and custom ones created by our system admins. Therefore, we provide higher security for your web programs as we can defend them from attacks even before security firms release updates for new threats.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting Control Panel, so your web apps will be secured from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it will keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available inside the very same section and offer information about the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For best security, we employ not only commercial rules from a firm working in the field of web security, but also custom ones our administrators add personally so as to respond to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it as it is enabled by default each time you include a new domain or subdomain on your web server. If it interferes with some of your programs, you shall be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it will recognize attacks and will still keep a log for them, but shall not stop them. You'll be able to examine the logs later to determine what you can do to enhance the safety of your sites as you will find details such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity responded, etc. The rules that we employ are commercial, thus they're frequently updated by a security company, but to be on the safe side, our administrators also add custom rules every now and then in order to react to any new threats they have identified.