ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks toward web applications. It tracks the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to accomplish that - for example, attempting to log in to a script admin area without success several times activates one rule, sending a request to execute a particular file which could result in getting access to the Internet site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls out there and it'll protect even scripts that are not updated frequently because it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs provided by the Apache server, so you could later analyze them and decide whether you need to take extra measures so as to enhance the protection of your script-driven websites.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting packages, so your web applications shall be protected against malicious attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you will be able to stop it using the respective area of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall discover within Hepsia are quite detailed and offer info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are often updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
Any web program that you set up in your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting plans and is activated by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not stop anything, but it'll still keep an archive of potential attacks. This takes simply a mouse click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall uses two sets of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually in order to respond to recently discovered risks as fast as possible.
ModSecurity in VPS Hosting
ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it will be turned on automatically for any new domain or subdomain that you include on the machine. This way, any web app that you install will be secured immediately without doing anything by hand on your end. The firewall can be handled from the section of the CP which has the same name. This is the place whereyou could turn off ModSecurity or enable its passive mode, so it shall not take any action against threats, but will still keep a thorough log. The recorded info is available within the same section as well and you will be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we use on our servers are a combination between commercial ones that we obtain from a security firm and custom ones that are added by our administrators to improve the security of any web apps hosted on our end.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In the event that a web app doesn't operate properly, you can either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that may take place, but shall not take any action to prevent it. The logs created in passive or active mode shall provide you with additional details about the exact file that was attacked, the nature of the attack and the IP it came from, etcetera. This info shall enable you to decide what steps you can take to increase the protection of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated frequently with a commercial pack from a third-party security provider we work with, but from time to time our administrators include their own rules also in case they find a new potential threat.