ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks toward web apps. It monitors the HTTP traffic to a particular website in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - as an example, trying to log in to a script administrator area unsuccessfully a few times activates one rule, sending a request to execute a certain file which may result in getting access to the site triggers another rule, etcetera. ModSecurity is one of the best firewalls out there and it will protect even scripts which aren't updated often as it can prevent attackers from employing known exploits and security holes. Very detailed data about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more comprehensive than the conventional logs generated by the Apache server, so you may later analyze them and determine if you need to take more measures in order to improve the protection of your script-driven websites.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting plans, so your web apps will be shielded from harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will discover in Hepsia are incredibly detailed and feature data about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so on. We employ a set of commercial rules which are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web app which you set up within your new semi-dedicated server account shall be protected by ModSecurity because the firewall comes with all our hosting packages and is activated by default for any domain and subdomain which you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area within Hepsia where not simply can you activate or deactivate it entirely, but you may also switch on a passive mode, so the firewall will not block anything, but it'll still keep an archive of potential attacks. This takes simply a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, and so forth. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update personally in order to respond to newly discovered risks as quickly as possible.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it will be activated automatically for any new domain or subdomain you include on the hosting server. That way, any web app which you install will be secured right away without doing anything personally on your end. The firewall could be managed from the section of the Control Panel that has the same name. This is the location whereyou could switch off ModSecurity or activate its passive mode, so it will not take any action towards threats, but shall still keep a thorough log. The recorded info is available within the same area as well and you'll be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we employ on our servers are a blend between commercial ones we get from a security organization and custom ones which are included by our staff to maximize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you won't have to do anything specific on your end to use it because it is turned on by default each time you add a new domain or subdomain on your hosting server. In case it disrupts any of your applications, you'll be able to stop it via the respective area of Hepsia, or you may leave it operating in passive mode, so it'll identify attacks and shall still keep a log for them, but will not prevent them. You can analyze the logs later to determine what you can do to increase the safety of your Internet sites as you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules that we employ are commercial, hence they're constantly updated by a security provider, but to be on the safe side, our admins also include custom rules occasionally in order to react to any new threats they have found.