ModSecurity is a highly effective firewall for Apache web servers which is used to prevent attacks against web apps. It monitors the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - as an illustration, trying to log in to a script administrator area unsuccessfully many times sets off one rule, sending a request to execute a certain file which may result in accessing the site triggers a different rule, etc. ModSecurity is one of the best firewalls available on the market and it'll secure even scripts which are not updated regularly as it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about each and every intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs provided by the Apache server, so you can later take a look at them and decide if you need to take more measures so as to enhance the security of your script-driven Internet sites.
ModSecurity in Shared Hosting
ModSecurity comes by default with all shared hosting solutions which we provide and it'll be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and deactivate it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your sites shall contain elaborate information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and incorporate both commercial ones which we get from a third-party security company and custom ones which our system admins add in the event that they detect a new kind of attacks. That way, the Internet sites you host here shall be far more secure without any action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server solutions and if you opt to host your sites with our company, there won't be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains that you add through your hosting CP. If necessary, you can disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall will still operate and record data, but won't do anything to prevent potential attacks on your websites. Detailed logs shall be available within your Control Panel and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We employ two kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and customized ones that our administrators sometimes add to respond to newly identified risks promptly.
ModSecurity in VPS Servers
All VPS servers which are offered with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there shall not be anything special which you will have to do to protect your websites. It will take you simply a click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any steps to prevent intrusions. You'll be able to see the logs created in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to tackle it, etc. We use a combination of commercial and custom rules in order to make sure that ModSecurity shall block out as many risks as possible, consequently improving the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to use it since it is switched on by default whenever you add a new domain or subdomain on your server. In case it interferes with any of your applications, you will be able to stop it through the respective section of Hepsia, or you may leave it operating in passive mode, so it will recognize attacks and will still keep a log for them, but won't prevent them. You can look at the logs later to learn what you can do to boost the security of your websites as you will find details such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, etc. The rules which we employ are commercial, therefore they are constantly updated by a security company, but to be on the safe side, our staff also add custom rules occasionally in order to respond to any new threats they have found.