ModSecurity is an effective firewall for Apache web servers that's employed to stop attacks toward web apps. It tracks the HTTP traffic to a certain Internet site in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to do that - as an example, trying to log in to a script administrator area without success several times triggers one rule, sending a request to execute a particular file that may result in gaining access to the website triggers a different rule, and so forth. ModSecurity is one of the best firewalls available and it will preserve even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Very detailed information about each and every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the standard logs provided by the Apache server, so you can later take a look at them and determine whether you need to take more measures in order to increase the security of your script-driven websites.
ModSecurity in Cloud Website Hosting
ModSecurity is offered with each and every cloud website hosting solution which we provide and it's activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it interferes with any of your applications or you would like to disable it for some reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with only a mouse click. You can also use a passive mode, so the firewall will discover possible attacks and maintain a log, but shall not take any action. You could view detailed logs in the same section, including the IP address where the attack came from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max safety of our customers we use a collection of commercial firewall rules combined with custom ones which are included by our system admins.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with our company, there shall not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains you add via your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall shall still work and record info, but will not do anything to prevent possible attacks against your Internet sites. In depth logs will be accessible within your Control Panel and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two types of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones that our administrators occasionally include to respond to newly found risks in a timely manner.
ModSecurity in VPS Hosting
All virtual private servers which are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the machine, so there shall not be anything special that you shall have to do to protect your Internet sites. It'll take you only a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any measures to prevent intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, etc. We use a combination of commercial and custom rules in order to make certain that ModSecurity shall block as many risks as possible, consequently boosting the security of your web programs as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In case that a web application doesn't function adequately, you could either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any possible attack which might occur, but will not take any action to stop it. The logs generated in active or passive mode shall provide you with more details about the exact file that was attacked, the form of the attack and the IP it originated from, and so on. This data will permit you to decide what measures you can take to enhance the security of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security company we work with, but from time to time our administrators include their own rules too in the event that they find a new potential threat.