ModSecurity is a highly effective firewall for Apache web servers which is used to prevent attacks against web applications. It monitors the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area unsuccessfully many times triggers one rule, sending a request to execute a specific file that may result in accessing the Internet site triggers another rule, and so forth. ModSecurity is one of the best firewalls available on the market and it'll secure even scripts which aren't updated on a regular basis because it can prevent attackers from using known exploits and security holes. Incredibly thorough data about each intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs provided by the Apache server, so you may later examine them and determine whether you need to take more measures in order to enhance the safety of your script-driven websites.
ModSecurity in Cloud Web Hosting
ModSecurity comes by default with all cloud web hosting packages which we supply and it will be turned on automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and deactivate it with a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your websites will feature in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and consist of both commercial ones we get from a third-party security business and custom ones which our system administrators add in the event that they detect a new kind of attacks. This way, the sites which you host here shall be way more protected with no action needed on your end.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you decide to host your websites with our company, there won't be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains which you add through your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a certain website or enable the so-called detection mode in which case the firewall will still work and record information, but won't do anything to prevent possible attacks on your Internet sites. In depth logs will be readily available inside your CP and you'll be able to see what sort of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etc. We use two types of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our admins often add to respond to newly discovered threats promptly.
ModSecurity in VPS Web Hosting
Protection is essential to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't need to do anything manually. You shall also be able to disable it or activate the so-called detection mode, so it will keep a log of possible attacks that you can later study, but won't block them. The logs in both passive and active modes include details about the kind of the attack and how it was prevented, what IP address it originated from and other important info which might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules because every now and then we find specific attacks that are not yet present within the commercial package. This way, we can improve the protection of your VPS promptly as opposed to awaiting an official update.
ModSecurity in Dedicated Servers Hosting
If you opt to host your sites on a dedicated server with the Hepsia CP, your web applications will be secured right away because ModSecurity is available with all Hepsia-based solutions. You'll be able to control the firewall easily and if needed, you will be able to turn it off or enable its passive mode when it will only maintain a log of what's taking place without taking any action to prevent possible attacks. The logs which you can find inside the same section of the CP are extremely detailed and feature info about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etcetera. This data will allow you to take measures and boost the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff add every time they identify attacks which haven't yet been included inside the commercial pack.