ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks towards web apps. It monitors the HTTP traffic to a certain site in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to do this - as an example, attempting to log in to a script administrator area unsuccessfully many times activates one rule, sending a request to execute a certain file which could result in gaining access to the website triggers another rule, etc. ModSecurity is among the best firewalls around and it will protect even scripts that are not updated regularly as it can prevent attackers from using known exploits and security holes. Very detailed info about each intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the standard logs generated by the Apache server, so you may later analyze them and determine whether you need to take additional measures so as to enhance the safety of your script-driven Internet sites.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting
plans, so your Internet apps will be protected against harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it through the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll find inside Hepsia are incredibly detailed and offer info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, and so on. We use a group of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity as a standard inside all semi-dedicated hosting
packages, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any Internet site with a click. You will also have the ability to switch on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without really stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack triggered, where it originated from, etc. The list of rules that we use is constantly updated in order to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our administrators add in the event that they discover a threat that's not present in the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity comes with all Hepsia-based virtual private servers
we offer and it will be activated automatically for any new domain or subdomain that you add on the machine. In this way, any web application you install will be secured right away without doing anything manually on your end. The firewall can be handled via the section of the CP that has the same name. This is the location whereyou'll be able to disable ModSecurity or activate its passive mode, so it shall not take any action against threats, but will still maintain a thorough log. The recorded data is available in the same section as well and you shall be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we use on our servers are a blend between commercial ones we get from a security firm and custom ones which are added by our staff to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the server. Just in case that a web application doesn't function properly, you can either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any potential attack that could happen, but shall not take any action to stop it. The logs generated in passive or active mode shall provide you with more details about the exact file which was attacked, the type of the attack and the IP it came from, and so on. This data shall enable you to decide what steps you can take to improve the protection of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial pack from a third-party security company we work with, but sometimes our staff add their own rules also in the event that they identify a new potential threat.