ModSecurity is a highly effective firewall for Apache web servers which is used to prevent attacks towards web apps. It keeps track of the HTTP traffic to a certain site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administration area unsuccessfully several times activates one rule, sending a request to execute a specific file that may result in accessing the website triggers another rule, and so on. ModSecurity is amongst the best firewalls on the market and it will preserve even scripts that aren't updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Very comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the conventional logs provided by the Apache server, so you could later take a look at them and determine if you need to take more measures so as to increase the safety of your script-driven sites.
ModSecurity in Cloud Website Hosting
ModSecurity comes standard with all cloud website hosting packages that we supply and it'll be turned on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and disable it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for each of your websites shall contain in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are constantly updated and comprise of both commercial ones we get from a third-party security firm and custom ones that our system admins add in the event that they detect a new kind of attacks. This way, the sites which you host here will be way more protected with no action expected on your end.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you decide to host your Internet sites with us, there won't be anything special you'll have to do since the firewall is switched on by default for all domains and subdomains which you include through your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall shall still work and record info, but shall not do anything to prevent potential attacks on your websites. In depth logs will be accessible in your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so forth. We use 2 sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our admins sometimes add to respond to newly identified risks in a timely manner.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web applications will be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you could disable it with a mouse click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it will keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available in the same section and offer information about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For maximum security, we use not just commercial rules from a business operating in the field of web security, but also custom ones which our administrators add manually so as to react to new risks that are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any application that you upload or set up shall be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you shall discover in the logs shall allow you to to secure your websites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you can see if a website needs an update, if you ought to block IPs from accessing your hosting server, and so on. In addition to the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well if they discover a new threat that is not yet included in the commercial bundle.