ModSecurity is an efficient firewall for Apache web servers which is used to prevent attacks toward web apps. It keeps track of the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - as an example, attempting to log in to a script administration area without success a few times triggers one rule, sending a request to execute a certain file which may result in accessing the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls available on the market and it will preserve even scripts that aren't updated on a regular basis as it can prevent attackers from using known exploits and security holes. Very thorough information about every single intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the regular logs generated by the Apache server, so you could later examine them and determine whether you need to take extra measures in order to boost the safety of your script-driven websites.
ModSecurity in Shared Web Hosting
ModSecurity is available with every shared web hosting solution which we provide and it's activated by default for every domain or subdomain that you add through your Hepsia CP. In the event that it disrupts any of your applications or you would like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with just a click. You could also enable a passive mode, so the firewall will discover potential attacks and maintain a log, but won't take any action. You can view comprehensive logs in the exact same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max security of our clients we use a collection of commercial firewall rules combined with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
Any web application you set up inside your new semi-dedicated server account will be protected by ModSecurity as the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain which you include or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it entirely, but you can also switch on a passive mode, so the firewall will not stop anything, but it'll still maintain a record of possible attacks. This takes simply a click and you'll be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, and so on. The firewall uses two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one which our admins update manually in order to respond to recently discovered threats as fast as possible.
ModSecurity in VPS Servers
Safety is of the utmost importance to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you won't need to do anything by hand. You'll also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of potential attacks you can later study, but will not stop them. The logs in both passive and active modes include information regarding the form of the attack and how it was stopped, what IP address it came from and other valuable information that might help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Besides the commercial rules which we get for ModSecurity from a third-party security firm, we also implement our own rules as occasionally we find specific attacks which aren't yet present in the commercial group. This way, we could increase the protection of your VPS in a timely manner rather than awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In the event that a web app doesn't function adequately, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which may happen, but won't take any action to prevent it. The logs created in passive or active mode will provide you with more details about the exact file which was attacked, the form of the attack and the IP it came from, etc. This information shall enable you to decide what measures you can take to improve the safety of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated frequently with a commercial package from a third-party security company we work with, but oftentimes our admins add their own rules also in case they identify a new potential threat.