ModSecurity is an effective firewall for Apache web servers that's used to stop attacks toward web apps. It tracks the HTTP traffic to a certain site in real time and stops any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do that - for instance, attempting to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a particular file which could result in gaining access to the website triggers another rule, etc. ModSecurity is among the best firewalls available and it'll secure even scripts that aren't updated frequently because it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the standard logs provided by the Apache server, so you could later examine them and decide whether you need to take additional measures in order to enhance the protection of your script-driven websites.
ModSecurity in Hosting
ModSecurity comes standard with all hosting packages which we supply and it shall be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could switch on and disable it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will feature elaborate information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and include both commercial ones that we get from a third-party security company and custom ones our system admins include in case that they detect a new sort of attacks. This way, the websites that you host here shall be a lot more protected without any action needed on your end.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity as a standard within all semi-dedicated server products, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any site with a click. You shall also be able to switch on a passive detection mode with which ModSecurity will maintain a log of potential attacks without actually preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack initiated, where it originated from, and so forth. The list of rules we use is regularly updated as to match any new risks that may appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones that our administrators add in the event that they find a threat that is not present within the commercial list yet.
ModSecurity in VPS Servers
Safety is extremely important to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section inside Hepsia and is activated automatically when you include a new domain or create a subdomain, so you'll not need to do anything personally. You'll also be able to disable it or switch on the so-called detection mode, so it'll keep a log of potential attacks you can later examine, but will not block them. The logs in both passive and active modes contain information regarding the type of the attack and how it was prevented, what IP it originated from and other useful info that might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules as every now and then we identify specific attacks which aren't yet present within the commercial pack. This way, we could improve the security of your Virtual private server immediately instead of awaiting an official update.
ModSecurity in Dedicated Servers
All our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any app you upload or install shall be secured from the very beginning and you'll not need to worry about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily help you to secure your websites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this data, you'll be able to see if an Internet site needs an update, whether you need to block IPs from accessing your server, and so on. In addition to the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well whenever they come across a new threat that is not yet included in the commercial bundle.