ModSecurity is an effective firewall for Apache web servers that's employed to prevent attacks towards web applications. It monitors the HTTP traffic to a specific site in real time and stops any intrusion attempts the moment it identifies them. The firewall uses a set of rules to accomplish that - for example, trying to log in to a script administration area without success many times activates one rule, sending a request to execute a particular file that could result in accessing the site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls around and it will preserve even scripts which are not updated often because it can prevent attackers from employing known exploits and security holes. Incredibly thorough information about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the conventional logs created by the Apache server, so you may later analyze them and decide whether you need to take additional measures so as to boost the safety of your script-driven sites.
ModSecurity in Web Hosting
ModSecurity can be found with every web hosting
package that we offer and it is activated by default for every domain or subdomain that you include through your Hepsia Control Panel. In case it disrupts any of your apps or you would like to disable it for some reason, you will be able to accomplish that through the ModSecurity section of Hepsia with merely a mouse click. You may also use a passive mode, so the firewall will discover potential attacks and maintain a log, but shall not take any action. You can see detailed logs in the very same section, including the IP address where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For optimum protection of our clients we use a collection of commercial firewall rules combined with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Servers
Any web program you set up in your new semi-dedicated server
account shall be protected by ModSecurity since the firewall is provided with all our hosting packages and is switched on by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it fully, but you can also enable a passive mode, so the firewall will not stop anything, but it shall still maintain a record of potential attacks. This normally requires simply a click and you'll be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, etc. The firewall uses two sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to recently discovered risks as soon as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
that are provided with the Hepsia hosting Control Panel, so your web applications will be secured from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to deactivate it with a click through the corresponding section of Hepsia. You could also set it to work in detection mode, so it shall keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available in the same section and include information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not simply commercial rules from a company working in the field of web security, but also custom ones that our admins include manually in order to respond to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers
that are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it since it's activated by default every time you add a new domain or subdomain on your web server. If it disrupts any of your programs, you'll be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it shall detect attacks and shall still maintain a log for them, but won't stop them. You'll be able to look at the logs later to learn what you can do to increase the safety of your sites as you will find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, etcetera. The rules which we employ are commercial, thus they're regularly updated by a security company, but to be on the safe side, our admins also add custom rules from time to time in order to respond to any new threats they have discovered.