ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks against web apps. It keeps track of the HTTP traffic to a certain site in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to accomplish that - as an illustration, trying to log in to a script administrator area without success several times activates one rule, sending a request to execute a specific file that could result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is among the best firewalls available and it will protect even scripts that are not updated often as it can prevent attackers from using known exploits and security holes. Incredibly thorough information about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the regular logs generated by the Apache server, so you may later analyze them and decide if you need to take additional measures in order to boost the security of your script-driven websites.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting
plans, so your web applications will be shielded from malicious attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it through the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover inside Hepsia are extremely detailed and feature information about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etcetera. We employ a range of commercial rules which are regularly updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting
plans and if you choose to host your Internet sites with us, there won't be anything special you'll have to do since the firewall is activated by default for all domains and subdomains that you add through your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall will still work and record data, but won't do anything to prevent potential attacks against your websites. Detailed logs will be accessible inside your CP and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etc. We employ two types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones which our admins occasionally include to respond to newly discovered risks in a timely manner.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers
that are set up with the Hepsia hosting Control Panel, so your web programs will be secured from the second your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you could deactivate it with a click of your mouse via the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to stop them. The logs are available inside the same section and include information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For best security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones which our admins add manually in order to react to new risks which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers
which are installed with the Hepsia hosting CP come with ModSecurity, so any application you upload or install shall be secured from the very beginning and you'll not need to bother about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily enable you to to secure your websites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this data, you'll be able to see if an Internet site needs an update, if you ought to block IPs from accessing your server, and so on. In addition to the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well every time they find a new threat which is not yet a part of the commercial bundle.