ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks against web applications. It monitors the HTTP traffic to a particular site in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area without success many times sets off one rule, sending a request to execute a certain file that could result in getting access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls out there and it will preserve even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive data about every single intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs provided by the Apache server, so you may later take a look at them and determine whether you need to take additional measures in order to improve the protection of your script-driven sites.
ModSecurity in Cloud Website Hosting
ModSecurity comes by default with all cloud website hosting plans that we provide and it shall be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with just a click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites will contain elaborate info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are constantly updated and consist of both commercial ones that we get from a third-party security firm and custom ones our system admins include in case that they detect a new kind of attacks. That way, the Internet sites that you host here shall be a lot more protected with no action required on your end.
ModSecurity in Semi-dedicated Hosting
Any web program that you set up within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain you add or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not only could you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall will not stop anything, but it shall still maintain a record of potential attacks. This normally requires only a mouse click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall employs two sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually as to respond to newly discovered risks as fast as possible.
ModSecurity in VPS
All virtual private servers which are offered with the Hepsia Control Panel feature ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there won't be anything special that you shall have to do to protect your sites. It'll take you simply a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any steps to prevent intrusions. You will be able to see the logs generated in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to deal with it, and so on. We use a mix of commercial and custom rules in order to make certain that ModSecurity will prevent as many threats as possible, therefore increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Hosting
All of our dedicated servers that are installed with the Hepsia hosting CP come with ModSecurity, so any app you upload or install shall be protected from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you will find in the logs can enable you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this info, you can see whether a website needs an update, if you ought to block IPs from accessing your hosting server, etcetera. In addition to the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too whenever they come across a new threat that's not yet in the commercial bundle.