ModSecurity is an effective firewall for Apache web servers that is employed to prevent attacks towards web apps. It keeps track of the HTTP traffic to a given Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - for instance, attempting to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a specific file which may result in accessing the site triggers a different rule, etcetera. ModSecurity is one of the best firewalls on the market and it'll protect even scripts that are not updated regularly as it can prevent attackers from employing known exploits and security holes. Incredibly detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the regular logs generated by the Apache server, so you could later examine them and decide whether you need to take more measures so as to increase the security of your script-driven Internet sites.
ModSecurity in Website Hosting
We provide ModSecurity with all website hosting
plans, so your web applications will be protected against destructive attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you'll be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you'll find inside Hepsia are very detailed and feature info about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etc. We employ a range of commercial rules that are often updated, but sometimes our administrators add custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
plans that we offer include ModSecurity and since the firewall is switched on by default, any Internet site that you build under a domain or a subdomain will be protected immediately. A separate section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to start and stop the firewall for any website or activate a detection mode. With the last option, ModSecurity won't take any action, but it will still recognize possible attacks and will keep all information in a log as if it were completely active. The logs can be found within the same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our web servers are a mix between commercial ones from a security business and custom ones developed by our system admins. Consequently, we offer greater security for your web applications as we can defend them from attacks before security businesses release updates for new threats.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are offered with the Hepsia hosting CP, so your web programs shall be protected from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if required, you could deactivate it with a click through the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the very same section and include information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not only commercial rules from a firm working in the field of web security, but also custom ones our administrators include personally so as to react to new risks that are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
When you decide to host your websites on a dedicated server
with the Hepsia CP, your web programs will be protected right away as ModSecurity is provided with all Hepsia-based plans. You'll be able to regulate the firewall without difficulty and if required, you shall be able to turn it off or enable its passive mode when it will only keep a log of what's happening without taking any action to prevent possible attacks. The logs that you can find within the exact same section of the Control Panel are extremely detailed and contain data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so on. This info will enable you to take measures and boost the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff include when they recognize attacks which haven't yet been included inside the commercial pack.