ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks towards web apps. It tracks the HTTP traffic to a specific website in real time and blocks any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - as an example, attempting to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a particular file that may result in getting access to the site triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it'll preserve even scripts that aren't updated often since it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the standard logs generated by the Apache server, so you may later examine them and decide if you need to take more measures so as to improve the safety of your script-driven websites.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting plans, so your Internet applications shall be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you'll be able to stop it via the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover within Hepsia are quite detailed and offer data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so forth. We use a group of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our servers.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting CP, so your web apps will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You may also set it to operate in detection mode, so it will maintain a detailed log of any potential attacks without taking any action to stop them. The logs can be found inside the exact same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a business working in the field of web security, but also custom ones our administrators include manually in order to respond to new risks which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are integrated with our Hepsia CP and you won't need to do anything specific on your end to employ it because it is turned on by default each time you include a new domain or subdomain on your hosting server. If it disrupts any of your apps, you will be able to stop it through the respective area of Hepsia, or you may leave it operating in passive mode, so it shall identify attacks and will still maintain a log for them, but shall not block them. You may examine the logs later to find out what you can do to increase the safety of your websites as you shall find details such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules that we use are commercial, therefore they are frequently updated by a security company, but to be on the safe side, our administrators also include custom rules every now and then in order to deal with any new threats they have discovered.