ModSecurity is a powerful firewall for Apache web servers that's employed to prevent attacks toward web applications. It keeps track of the HTTP traffic to a given Internet site in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - as an illustration, trying to log in to a script admin area without success many times activates one rule, sending a request to execute a certain file that could result in gaining access to the site triggers a different rule, and so forth. ModSecurity is one of the best firewalls on the market and it'll secure even scripts which are not updated often as it can prevent attackers from employing known exploits and security holes. Incredibly thorough information about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the conventional logs created by the Apache server, so you can later examine them and determine if you need to take additional measures in order to improve the safety of your script-driven Internet sites.
ModSecurity in Web Hosting
ModSecurity is available on all web hosting web servers, so when you decide to host your websites with our firm, they will be protected against a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs via your Hepsia CP including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the safety of our clients' sites seriously, we employ a collection of commercial rules which we get from one of the top companies that maintain this type of rules. Our admins also add custom rules to ensure that your Internet sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer feature ModSecurity and since the firewall is enabled by default, any website which you set up under a domain or a subdomain will be secured right away. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity shall not take any action, but it will still identify possible attacks and shall keep all information in a log as if it were fully active. The logs could be found within the very same section of the Control Panel and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules which we use on our servers are a mix of commercial ones from a security firm and custom ones developed by our system admins. For that reason, we provide increased security for your web apps as we can shield them from attacks before security corporations release updates for new threats.
ModSecurity in VPS Servers
Safety is of the utmost importance to us, so we set up ModSecurity on all VPS servers that are made available with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you add a new domain or create a subdomain, so you won't need to do anything personally. You will also be able to deactivate it or turn on the so-called detection mode, so it shall keep a log of potential attacks which you can later study, but won't stop them. The logs in both passive and active modes include details regarding the kind of the attack and how it was prevented, what IP it originated from and other useful data that may help you to tighten the security of your websites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules as every now and then we identify specific attacks that aren't yet present within the commercial package. That way, we can easily improve the security of your Virtual private server right away as opposed to waiting for a certified update.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web application doesn't operate properly, you can either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which could happen, but won't take any action to stop it. The logs produced in active or passive mode will offer you additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etcetera. This information will enable you to determine what measures you can take to enhance the safety of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security enterprise we work with, but occasionally our staff add their own rules too if they come across a new potential threat.