ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks toward web apps. It keeps track of the HTTP traffic to a certain site in real time and blocks any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administrator area without success a few times triggers one rule, sending a request to execute a certain file which may result in gaining access to the Internet site triggers a different rule, and so forth. ModSecurity is among the best firewalls out there and it'll secure even scripts that aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Incredibly detailed data about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more comprehensive than the conventional logs created by the Apache server, so you can later analyze them and decide whether you need to take extra measures in order to enhance the security of your script-driven websites.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting packages, so your Internet applications shall be resistant to malicious attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you will be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you'll discover in Hepsia are incredibly detailed and feature info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We use a range of commercial rules that are regularly updated, but sometimes our admins add custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity as a standard within all semi-dedicated server packages, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any website with a click. You will also have the ability to activate a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack triggered, where it came from, etcetera. The list of rules we employ is frequently updated in order to match any new threats which could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our admins include in the event that they discover a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the machine, so there will not be anything special that you shall have to do to protect your Internet sites. It'll take you a click to stop ModSecurity if required or to activate its passive mode so that it records what happens without taking any actions to prevent intrusions. You will be able to view the logs created in passive or active mode through the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to handle it, and so forth. We employ a mix of commercial and custom rules in order to ensure that ModSecurity shall stop as many risks as possible, thus enhancing the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers
When you opt to host your sites on a dedicated server with the Hepsia CP, your web applications will be secured right away since ModSecurity is provided with all Hepsia-based plans. You shall be able to manage the firewall effortlessly and if required, you will be able to turn it off or switch on its passive mode when it shall only maintain a log of what is going on without taking any action to stop possible attacks. The logs that you'll find within the very same section of the Control Panel are really detailed and feature data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This data will enable you to take measures and increase the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators include whenever they recognize attacks which haven't yet been included within the commercial pack.