ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks against web apps. It monitors the HTTP traffic to a particular website in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script admin area without success a few times sets off one rule, sending a request to execute a specific file which could result in getting access to the site triggers a different rule, and so forth. ModSecurity is one of the best firewalls available and it'll preserve even scripts which are not updated often since it can prevent attackers from using known exploits and security holes. Very thorough data about each intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the standard logs created by the Apache server, so you can later analyze them and decide if you need to take more measures in order to improve the security of your script-driven sites.
ModSecurity in Website Hosting
We offer ModSecurity with all website hosting packages, so your Internet apps shall be shielded from malicious attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find in Hepsia are very detailed and include information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so forth. We employ a set of commercial rules which are often updated, but sometimes our admins add custom rules as well so as to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web application that you set up in your new semi-dedicated server account shall be protected by ModSecurity because the firewall is included with all our hosting plans and is activated by default for any domain and subdomain that you add or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall shall not stop anything, but it'll still keep an archive of potential attacks. This requires simply a click and you shall be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so forth. The firewall uses 2 groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our administrators update personally as to respond to recently discovered risks immediately.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers that we offer and it shall be turned on automatically for every new domain or subdomain that you add on the hosting server. That way, any web application you install will be protected right from the start without doing anything manually on your end. The firewall may be managed from the section of the CP which bears the same name. This is the area whereyou'll be able to switch off ModSecurity or let its passive mode, so it will not take any action toward threats, but will still maintain a comprehensive log. The recorded info is available within the same area as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we employ on our servers are a mix between commercial ones which we get from a security firm and custom ones that are included by our staff to optimize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you won't need to do anything specific on your end to use it because it's enabled by default every time you add a new domain or subdomain on your hosting server. In case it interferes with any of your applications, you will be able to stop it through the respective area of Hepsia, or you may leave it operating in passive mode, so it will detect attacks and shall still maintain a log for them, but shall not block them. You may examine the logs later to learn what you can do to enhance the security of your sites as you shall find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, etc. The rules which we employ are commercial, hence they are frequently updated by a security provider, but to be on the safe side, our admins also include custom rules occasionally as to react to any new threats they have identified.