ModSecurity is a powerful firewall for Apache web servers that is employed to prevent attacks against web applications. It keeps track of the HTTP traffic to a particular site in real time and blocks any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - for instance, trying to log in to a script administrator area without success many times sets off one rule, sending a request to execute a particular file that could result in getting access to the site triggers another rule, etc. ModSecurity is one of the best firewalls out there and it'll protect even scripts which are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the conventional logs created by the Apache server, so you may later take a look at them and determine whether you need to take extra measures in order to boost the security of your script-driven websites.
ModSecurity in Cloud Hosting
ModSecurity is provided with all cloud hosting web servers, so if you decide to host your Internet sites with our company, they shall be resistant to an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you shall have to do on your end. You will be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view specific logs using your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the protection of our customers' Internet sites very seriously, we use a collection of commercial rules that we take from one of the leading companies that maintain such rules. Our admins also add custom rules to make certain that your websites will be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web program which you set up within your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is switched on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not simply can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not stop anything, but it shall still maintain a record of possible attacks. This normally requires only a mouse click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall employs 2 groups of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update manually in order to respond to newly discovered risks as fast as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting CP, so your web programs shall be secured from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found within the same section and include information about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not only commercial rules from a company working in the field of web security, but also custom ones which our admins add manually in order to respond to new risks which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any app you upload or set up shall be properly secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you shall see in the logs can easily allow you to to secure your websites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you can see whether a site needs an update, if you ought to block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well when they find a new threat that is not yet a part of the commercial bundle.