ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks against web applications. It monitors the HTTP traffic to a given Internet site in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to do that - as an illustration, trying to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a certain file which may result in getting access to the site triggers another rule, etc. ModSecurity is among the best firewalls around and it'll protect even scripts that aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Very detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are much more specific than the standard logs generated by the Apache server, so you can later take a look at them and determine whether you need to take extra measures in order to increase the security of your script-driven websites.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting solutions, so your web apps will be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you will find within Hepsia are extremely detailed and offer data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
Any web app that you install inside your new semi-dedicated hosting account will be protected by ModSecurity because the firewall comes with all our hosting plans and is activated by default for any domain and subdomain that you add or create through your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not simply can you activate or deactivate it fully, but you can also enable a passive mode, so the firewall won't block anything, but it shall still keep a record of possible attacks. This takes simply a mouse click and you will be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall employs 2 sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update personally in order to respond to recently discovered threats as quickly as possible.
ModSecurity in VPS
All virtual private servers which are set up with the Hepsia Control Panel feature ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the server, so there shall not be anything special which you shall have to do to protect your Internet sites. It will take you simply a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any steps to prevent intrusions. You shall be able to see the logs generated in active or passive mode via the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall employed to deal with it, and so on. We use a combination of commercial and custom rules so as to ensure that ModSecurity shall prevent as many risks as possible, hence improving the security of your web apps as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you'll not have to do anything specific on your end to use it since it's switched on by default each time you add a new domain or subdomain on your hosting server. In case it interferes with some of your apps, you'll be able to stop it through the respective section of Hepsia, or you may leave it operating in passive mode, so it will detect attacks and shall still keep a log for them, but will not prevent them. You could look at the logs later to learn what you can do to increase the protection of your sites since you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, etcetera. The rules which we use are commercial, hence they are frequently updated by a security provider, but to be on the safe side, our administrators also add custom rules from time to time in order to react to any new threats they have discovered.