ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks towards web apps. It monitors the HTTP traffic to a particular site in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a particular file which could result in accessing the site triggers another rule, and so forth. ModSecurity is amongst the best firewalls on the market and it will protect even scripts that are not updated frequently because it can prevent attackers from using known exploits and security holes. Very thorough info about each and every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the conventional logs created by the Apache server, so you could later examine them and determine if you need to take more measures in order to increase the safety of your script-driven Internet sites.
ModSecurity in Shared Hosting
ModSecurity is offered with each shared hosting plan that we offer and it's activated by default for every domain or subdomain that you add via your Hepsia CP. If it interferes with any of your applications or you'd like to disable it for some reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with merely a click. You may also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You could view comprehensive logs in the very same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a group of commercial firewall rules combined with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity by default within all semi-dedicated server plans, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any Internet site with a mouse click. You shall also be able to turn on a passive detection mode with which ModSecurity shall keep a log of potential attacks without really stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules which we use is constantly updated as to match any new threats which might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators include if they discover a threat that is not present in the commercial list yet.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the server, so there will not be anything special that you will have to do to protect your websites. It shall take you just a click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You will be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to deal with it, etcetera. We use a mixture of commercial and custom rules in order to ensure that ModSecurity shall block out as many risks as possible, hence enhancing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you'll not need to do anything specific on your end to employ it since it's turned on by default whenever you add a new domain or subdomain on your hosting server. In the event that it disrupts any of your programs, you shall be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and will still keep a log for them, but won't stop them. You could look at the logs later to learn what you can do to enhance the safety of your websites as you shall find info such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity responded, and so on. The rules that we employ are commercial, therefore they're frequently updated by a security provider, but to be on the safe side, our administrators also add custom rules from time to time as to respond to any new threats they have discovered.