ModSecurity is an efficient firewall for Apache web servers which is used to stop attacks against web applications. It tracks the HTTP traffic to a given website in real time and stops any intrusion attempts the moment it detects them. The firewall relies on a set of rules to accomplish that - for instance, attempting to log in to a script administration area unsuccessfully a few times triggers one rule, sending a request to execute a certain file that may result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls out there and it will protect even scripts which aren't updated regularly since it can prevent attackers from employing known exploits and security holes. Incredibly thorough information about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the standard logs generated by the Apache server, so you can later take a look at them and determine whether you need to take extra measures so as to enhance the protection of your script-driven Internet sites.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting plans that we supply and it shall be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with just a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your sites will feature comprehensive info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are constantly updated and comprise of both commercial ones which we get from a third-party security business and custom ones that our system administrators include in the event that they detect a new sort of attacks. This way, the websites which you host here will be a lot more protected with no action needed on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you choose to host your sites with us, there won't be anything special you'll need to do as the firewall is activated by default for all domains and subdomains you add through your hosting Control Panel. If necessary, you could disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall will still work and record info, but will not do anything to prevent potential attacks against your websites. Comprehensive logs will be available within your CP and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so forth. We use two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our administrators occasionally include to respond to newly identified threats promptly.
ModSecurity in VPS Servers
Security is vital to us, so we install ModSecurity on all VPS servers which are set up with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You'll also be able to disable it or switch on the so-called detection mode, so it will maintain a log of possible attacks that you can later analyze, but shall not stop them. The logs in both passive and active modes include information about the form of the attack and how it was eliminated, what IP it originated from and other valuable information that might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules as occasionally we detect specific attacks which are not yet present in the commercial group. This way, we can improve the security of your Virtual private server right away as opposed to awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it is enabled by default whenever you include a new domain or subdomain on your web server. In the event that it interferes with some of your programs, you will be able to stop it via the respective area of Hepsia, or you can leave it working in passive mode, so it will recognize attacks and shall still maintain a log for them, but will not prevent them. You may examine the logs later to learn what you can do to increase the security of your sites since you will find info such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules that we employ are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our admins also include custom rules occasionally as to react to any new threats they have discovered.