ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks towards web apps. It tracks the HTTP traffic to a specific website in real time and blocks any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - as an example, attempting to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a particular file that may result in getting access to the site triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it'll preserve even scripts that aren't updated often since it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the standard logs generated by the Apache server, so you may later examine them and decide if you need to take more measures so as to improve the safety of your script-driven websites.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting plans, so your Internet applications shall be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you'll be able to stop it via the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover within Hepsia are quite detailed and offer data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so forth. We use a group of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our servers.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting CP, so your web apps will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You may also set it to operate in detection mode, so it will maintain a detailed log of any potential attacks without taking any action to stop them. The logs can be found inside the exact same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a business working in the field of web security, but also custom ones our administrators include manually in order to respond to new risks which are still not dealt with in the commercial rules.