ModSecurity is an effective firewall for Apache web servers that's used to stop attacks toward web apps. It tracks the HTTP traffic to a given site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script administrator area unsuccessfully many times triggers one rule, sending a request to execute a particular file which could result in accessing the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls on the market and it will protect even scripts that aren't updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the conventional logs created by the Apache server, so you may later take a look at them and determine whether you need to take additional measures in order to improve the safety of your script-driven websites.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting solutions, so your web applications shall be resistant to malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you shall be able to stop it using the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will find in Hepsia are extremely detailed and feature info about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, and so forth. We employ a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you decide to host your Internet sites with our company, there won't be anything special you'll need to do as the firewall is switched on by default for all domains and subdomains that you include using your hosting CP. If required, you can disable ModSecurity for a given website or switch on the so-called detection mode in which case the firewall will still work and record data, but won't do anything to prevent possible attacks on your websites. Comprehensive logs will be accessible in your CP and you'll be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We employ 2 sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our admins sometimes add to respond to newly identified threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting CP, so your web applications will be secured from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a mouse click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall keep an extensive log of any potential attacks without taking any action to stop them. The logs are available within the exact same section and provide information about the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we use not only commercial rules from a firm operating in the field of web security, but also custom ones our administrators include manually in order to respond to new risks that are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application which you upload or install will be protected from the very beginning and you'll not need to worry about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you'll discover in the logs shall enable you to to secure your sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etc. With this information, you can see if a site needs an update, whether you need to block IPs from accessing your server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too when they come across a new threat that's not yet in the commercial bundle.