ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks against web apps. It tracks the HTTP traffic to a specific site in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administrator area without success a few times triggers one rule, sending a request to execute a particular file that may result in accessing the website triggers a different rule, etcetera. ModSecurity is one of the best firewalls on the market and it'll secure even scripts which are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite detailed data about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the standard logs created by the Apache server, so you may later take a look at them and decide whether you need to take additional measures in order to boost the safety of your script-driven Internet sites.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting plans, so your Internet applications will be shielded from harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall discover in Hepsia are very detailed and offer information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so on. We use a range of commercial rules which are frequently updated, but sometimes our administrators include custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
Any web app that you install inside your new semi-dedicated hosting account will be protected by ModSecurity as the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain which you add or create through your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not only could you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall will not stop anything, but it'll still maintain an archive of potential attacks. This requires only a mouse click and you will be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall uses 2 sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our administrators update manually in order to respond to recently discovered threats as soon as possible.
ModSecurity in VPS Hosting
Security is of the utmost importance to us, so we install ModSecurity on all virtual private servers which are provided with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section in Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of possible attacks which you can later study, but shall not block them. The logs in both passive and active modes contain info about the kind of the attack and how it was stopped, what IP it came from and other valuable information which may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Beyond the commercial rules we get for ModSecurity from a third-party security company, we also implement our own rules because once in a while we detect specific attacks which are not yet present inside the commercial group. This way, we can increase the protection of your Virtual private server immediately rather than waiting for a certified update.
ModSecurity in Dedicated Web Hosting
When you decide to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured straight away as ModSecurity is available with all Hepsia-based plans. You shall be able to regulate the firewall with ease and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what is happening without taking any action to stop potential attacks. The logs that you'll find within the very same section of the CP are extremely detailed and include data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This data will permit you to take measures and enhance the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators include whenever they identify attacks that haven't yet been included inside the commercial pack.