ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks toward web apps. It monitors the HTTP traffic to a given website in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to do that - for instance, attempting to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a certain file which may result in accessing the site triggers a different rule, and so on. ModSecurity is amongst the best firewalls available on the market and it'll preserve even scripts which aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite thorough information about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs generated by the Apache server, so you may later take a look at them and decide if you need to take additional measures in order to improve the security of your script-driven sites.
ModSecurity in Cloud Hosting
ModSecurity is supplied with all cloud hosting
servers, so if you choose to host your websites with our organization, they shall be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any site if necessary, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our clients' sites very seriously, we employ a selection of commercial rules that we get from one of the top companies which maintain this kind of rules. Our admins also include custom rules to make sure that your sites will be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web app which you set up within your new semi-dedicated server
account shall be protected by ModSecurity because the firewall comes with all our hosting plans and is switched on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area in Hepsia where not simply can you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall will not block anything, but it'll still keep an archive of potential attacks. This takes just a click and you will be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall employs two groups of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our administrators update manually in order to respond to newly discovered threats as fast as possible.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers
which we offer and it'll be switched on automatically for every new domain or subdomain that you include on the hosting server. That way, any web application that you install shall be secured from the very beginning without doing anything manually on your end. The firewall can be managed via the section of the CP that bears the same name. This is the place whereyou could disable ModSecurity or enable its passive mode, so it will not take any action against threats, but shall still keep a thorough log. The recorded info is available inside the same section as well and you'll be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a blend between commercial ones that we get from a security firm and custom ones which are added by our staff to enhance the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
When you decide to host your Internet sites on a dedicated server
with the Hepsia CP, your web apps will be protected right away because ModSecurity is provided with all Hepsia-based solutions. You shall be able to manage the firewall effortlessly and if needed, you'll be able to turn it off or activate its passive mode when it shall only keep a log of what's occurring without taking any action to stop potential attacks. The logs that you'll find in the exact same section of the CP are very detailed and feature info about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This information shall allow you to take measures and improve the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators add when they identify attacks that have not yet been included in the commercial pack.