ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks against web applications. It monitors the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do that - as an illustration, trying to log in to a script admin area unsuccessfully many times sets off one rule, sending a request to execute a specific file that may result in accessing the website triggers a different rule, etcetera. ModSecurity is among the best firewalls available on the market and it'll secure even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Very detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are much more specific than the standard logs provided by the Apache server, so you could later analyze them and decide whether you need to take more measures so as to improve the safety of your script-driven sites.
ModSecurity in Hosting
ModSecurity is available on all hosting
servers, so when you choose to host your Internet sites with our business, they'll be resistant to a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our customers' websites very seriously, we use a group of commercial rules that we take from one of the top companies which maintain this sort of rules. Our administrators also include custom rules to make sure that your websites will be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting
packages and if you opt to host your websites with us, there won't be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains which you add via your hosting CP. If required, you could disable ModSecurity for a certain website or enable the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to stop possible attacks against your websites. Detailed logs will be available within your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etc. We employ 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom made ones that our admins sometimes add to respond to newly found risks on time.
ModSecurity in VPS Hosting
Protection is extremely important to us, so we install ModSecurity on all virtual private servers
that are made available with the Hepsia CP by default. The firewall could be managed through a dedicated section inside Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You shall also be able to disable it or activate the so-called detection mode, so it will maintain a log of potential attacks you can later analyze, but will not stop them. The logs in both passive and active modes include info about the type of the attack and how it was stopped, what IP it originated from and other valuable information that could help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules because every now and then we find specific attacks that aren't yet present in the commercial pack. This way, we can improve the security of your Virtual private server immediately rather than waiting for a certified update.
ModSecurity in Dedicated Web Hosting
If you choose to host your sites on a dedicated server
with the Hepsia Control Panel, your web programs will be secured immediately as ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall with ease and if required, you shall be able to turn it off or enable its passive mode when it'll only maintain a log of what is going on without taking any action to prevent potential attacks. The logs that you can find in the same section of the Control Panel are incredibly detailed and feature data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so forth. This data shall enable you to take measures and increase the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our admins include every time they detect attacks which haven't yet been included within the commercial pack.