ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks toward web apps. It keeps track of the HTTP traffic to a specific Internet site in real time and blocks any intrusion attempts the instant it detects them. The firewall uses a set of rules to do that - as an example, attempting to log in to a script administration area without success many times triggers one rule, sending a request to execute a certain file which may result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls available and it will preserve even scripts which aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Very thorough data about every single intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs generated by the Apache server, so you may later examine them and determine whether you need to take extra measures so as to improve the protection of your script-driven websites.
ModSecurity in Shared Web Hosting
ModSecurity is available with every shared web hosting solution that we offer and it is switched on by default for every domain or subdomain that you add through your Hepsia Control Panel. In the event that it interferes with any of your apps or you would like to disable it for any reason, you shall be able to achieve that through the ModSecurity section of Hepsia with just a mouse click. You could also use a passive mode, so the firewall will discover potential attacks and keep a log, but shall not take any action. You'll be able to see extensive logs in the very same section, including the IP where the attack came from, what exactly the attacker tried to do and at what time, what ModSecurity did, and so forth. For max protection of our customers we use a set of commercial firewall rules combined with custom ones that are included by our system admins.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server plans and if you opt to host your websites with us, there will not be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains you add through your hosting CP. If needed, you could disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to prevent possible attacks against your Internet sites. Thorough logs will be readily available inside your Control Panel and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, and so on. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our admins occasionally include to respond to newly identified threats on time.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers that we offer and it will be turned on automatically for every new domain or subdomain you include on the hosting server. This way, any web application that you install will be protected right away without doing anything manually on your end. The firewall can be handled via the section of the Control Panel which has the same name. This is the area whereyou could switch off ModSecurity or enable its passive mode, so it shall not take any action toward threats, but shall still maintain a thorough log. The recorded information is available inside the same section as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we employ on our servers are a mixture between commercial ones which we get from a security company and custom ones that are added by our administrators to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting CP come with ModSecurity, so any program you upload or install shall be protected from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you will discover in the logs can easily allow you to to secure your websites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this info, you could see whether a site needs an update, if you need to block IPs from accessing your hosting server, etcetera. On top of the third-party commercial security rules for ModSecurity that we use, our admins add custom ones too when they find a new threat that's not yet in the commercial bundle.