ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks towards web applications. It monitors the HTTP traffic to a certain site in real time and stops any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - for instance, trying to log in to a script administration area without success several times sets off one rule, sending a request to execute a certain file that could result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls around and it'll protect even scripts that are not updated often because it can prevent attackers from employing known exploits and security holes. Incredibly detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the conventional logs created by the Apache server, so you could later examine them and decide whether you need to take extra measures in order to enhance the protection of your script-driven websites.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions that we offer include ModSecurity and because the firewall is switched on by default, any website which you build under a domain or a subdomain will be secured right away. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to stop and start the firewall for any website or enable a detection mode. With the latter, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all information within a log as if it were completely active. The logs can be found within the very same section of the Control Panel and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we employ on our servers are a mix between commercial ones from a security business and custom ones developed by our system admins. As a result, we offer increased security for your web applications as we can defend them from attacks before security corporations release updates for completely new threats.
ModSecurity in VPS Hosting
All virtual private servers which are provided with the Hepsia CP include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special which you will have to do to protect your Internet sites. It shall take you a click to stop ModSecurity if needed or to switch on its passive mode so that it records what happens without taking any measures to stop intrusions. You shall be able to see the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to deal with it, etcetera. We use a combination of commercial and custom rules so as to make certain that ModSecurity will block as many risks as possible, thus improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Web Hosting
All of our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any app that you upload or set up will be protected from the very beginning and you'll not need to bother about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records details about intrusions, but does not take actions to stop them. What you shall see in the logs can easily allow you to to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you could see if a site needs an update, whether you need to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well whenever they discover a new threat that's not yet in the commercial bundle.