ModSecurity is a powerful firewall for Apache web servers that is used to prevent attacks towards web applications. It keeps track of the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to accomplish that - for instance, attempting to log in to a script administration area without success many times triggers one rule, sending a request to execute a certain file that could result in gaining access to the Internet site triggers a different rule, and so on. ModSecurity is among the best firewalls out there and it'll secure even scripts that are not updated regularly because it can prevent attackers from employing known exploits and security holes. Very thorough information about every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the regular logs generated by the Apache server, so you could later analyze them and determine if you need to take extra measures in order to increase the safety of your script-driven sites.
ModSecurity in Shared Website Hosting
ModSecurity is provided with all shared website hosting servers, so if you choose to host your Internet sites with our firm, they will be resistant to an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view comprehensive logs through your Hepsia CP including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the security of our customers' websites seriously, we use a set of commercial rules which we take from one of the best companies that maintain this type of rules. Our admins also include custom rules to make certain that your Internet sites shall be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer feature ModSecurity and because the firewall is switched on by default, any site that you build under a domain or a subdomain shall be protected immediately. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it will still detect possible attacks and will keep all data inside a log as if it were fully active. The logs can be found inside the very same section of the Control Panel and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we use on our servers are a mix between commercial ones from a security firm and custom ones developed by our system administrators. As a result, we offer greater security for your web programs as we can defend them from attacks before security corporations release updates for completely new threats.
ModSecurity in VPS Servers
All VPS servers which are offered with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the web server, so there will not be anything special which you'll have to do to protect your sites. It will take you simply a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to see the logs created in active or passive mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to handle it, and so on. We use a mixture of commercial and custom rules in order to make sure that ModSecurity will prevent as many threats as possible, hence increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are integrated with our Hepsia CP and you'll not have to do anything specific on your end to use it as it is turned on by default whenever you include a new domain or subdomain on your web server. In the event that it interferes with some of your programs, you'll be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it shall identify attacks and will still maintain a log for them, but won't prevent them. You can analyze the logs later to learn what you can do to increase the security of your Internet sites as you will find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, etcetera. The rules which we employ are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then in order to deal with any new threats they have discovered.