ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks against web applications. It keeps track of the HTTP traffic to a specific website in real time and blocks any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a specific file that could result in getting access to the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls available on the market and it'll preserve even scripts which are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Very detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the conventional logs provided by the Apache server, so you could later examine them and determine if you need to take extra measures so as to improve the protection of your script-driven sites.
ModSecurity in Website Hosting
ModSecurity comes standard with all website hosting solutions which we supply and it shall be activated automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and disable it with simply a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to stop them. The log for each of your Internet sites will include in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and include both commercial ones we get from a third-party security business and custom ones which our system admins include in case that they detect a new type of attacks. This way, the sites which you host here will be much more protected with no action required on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you choose to host your Internet sites with our company, there won't be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains which you add using your hosting Control Panel. If needed, you can disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still function and record data, but shall not do anything to stop potential attacks against your websites. Detailed logs will be available inside your CP and you will be able to see what sort of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two types of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones which our administrators often add to respond to newly identified threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers which we offer and it shall be activated automatically for every new domain or subdomain that you add on the machine. In this way, any web application that you install will be secured from the very beginning without doing anything manually on your end. The firewall could be managed via the section of the Control Panel which has the same name. This is the location whereyou could disable ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still keep a comprehensive log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones we get from a security company and custom ones that are included by our administrators to optimize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any application you upload or set up will be protected from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you'll find in the logs can easily help you to secure your sites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see whether a website needs an update, whether you need to block IPs from accessing your web server, etcetera. Besides the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well whenever they find a new threat that's not yet a part of the commercial bundle.