ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks against web applications. It monitors the HTTP traffic to a specific Internet site in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do this - for instance, attempting to log in to a script administration area unsuccessfully a few times activates one rule, sending a request to execute a specific file that may result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls on the market and it'll secure even scripts that aren't updated often since it can prevent attackers from using known exploits and security holes. Very thorough information about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the regular logs generated by the Apache server, so you may later examine them and determine if you need to take additional measures so as to increase the protection of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity is available on all shared hosting web servers, so if you opt to host your sites with our business, they will be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You shall be able to stop ModSecurity for any site if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You'll be able to view specific logs via your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the safety of our customers' websites seriously, we use a collection of commercial rules that we take from one of the top firms that maintain this type of rules. Our admins also add custom rules to make certain that your Internet sites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity by default in all semi-dedicated hosting packages, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any website with a click. You shall also have the ability to turn on a passive detection mode through which ModSecurity will keep a log of potential attacks without really stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack generated, where it came from, etcetera. The list of rules that we employ is frequently updated in order to match any new threats which could appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our administrators include in the event that they find a threat that is not present in the commercial list yet.
ModSecurity in VPS
ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for every new domain or subdomain that you add on the hosting server. In this way, any web application which you install shall be protected right from the start without doing anything personally on your end. The firewall could be handled via the section of the CP which bears the same name. This is the location whereyou can disable ModSecurity or activate its passive mode, so it will not take any action against threats, but will still keep a thorough log. The recorded data is available in the same area as well and you will be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a mixture between commercial ones which we obtain from a security organization and custom ones which are added by our staff to enhance the security of any web apps hosted on our end.
ModSecurity in Dedicated Hosting
ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In case that a web app does not operate properly, you may either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any potential attack which might take place, but shall not take any action to stop it. The logs created in passive or active mode will give you additional details about the exact file which was attacked, the form of the attack and the IP address it came from, and so forth. This information will enable you to determine what measures you can take to boost the protection of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial package from a third-party security company we work with, but occasionally our staff add their own rules also in the event that they discover a new potential threat.