ModSecurity is an effective firewall for Apache web servers which is employed to prevent attacks towards web apps. It keeps track of the HTTP traffic to a given site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script administrator area without success a few times activates one rule, sending a request to execute a certain file which may result in getting access to the website triggers a different rule, and so forth. ModSecurity is one of the best firewalls around and it'll preserve even scripts which aren't updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Quite thorough information about every single intrusion attempt is recorded and the logs the firewall maintains are much more specific than the conventional logs generated by the Apache server, so you may later analyze them and decide whether you need to take additional measures in order to increase the safety of your script-driven websites.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting packages, so your Internet apps shall be shielded from harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you'll be able to stop it using the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will discover inside Hepsia are quite detailed and offer data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We employ a set of commercial rules which are often updated, but sometimes our administrators include custom rules as well in order to efficiently protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans that we offer come with ModSecurity and since the firewall is turned on by default, any site you set up under a domain or a subdomain will be secured immediately. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any site or enable a detection mode. With the last option, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all info inside a log as if it were completely active. The logs could be found in the exact same section of the CP and they include information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our servers are a mix of commercial ones from a security company and custom ones created by our system admins. Therefore, we offer higher security for your web applications as we can defend them from attacks before security companies release updates for brand new threats.
ModSecurity in VPS Hosting
All virtual private servers which are offered with the Hepsia CP include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there will not be anything special which you shall have to do to protect your Internet sites. It shall take you just a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any actions to stop intrusions. You shall be able to view the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to handle it, etcetera. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity shall block as many threats as possible, hence enhancing the security of your web applications as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it as it's turned on by default every time you include a new domain or subdomain on your hosting server. In case it disrupts some of your programs, you shall be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it will detect attacks and shall still maintain a log for them, but won't prevent them. You could examine the logs later to learn what you can do to enhance the security of your Internet sites since you will find info such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, etc. The rules which we employ are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our administrators also include custom rules from time to time in order to respond to any new threats they have discovered.