ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks toward web applications. It tracks the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - as an example, trying to log in to a script administration area without success many times activates one rule, sending a request to execute a certain file which could result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it will preserve even scripts which are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite comprehensive info about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the regular logs generated by the Apache server, so you could later examine them and decide whether you need to take extra measures so as to boost the protection of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity is offered with each shared hosting plan that we provide and it is turned on by default for any domain or subdomain which you include through your Hepsia CP. If it interferes with any of your applications or you would like to disable it for some reason, you will be able to do that through the ModSecurity section of Hepsia with simply a click. You could also enable a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You could view extensive logs in the same section, including the IP where the attack came from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum protection of our clients we use a set of commercial firewall rules combined with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Hosting
Any web app which you set up within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall comes with all our hosting plans and is activated by default for any domain and subdomain that you add or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area in Hepsia where not simply could you activate or deactivate it completely, but you may also activate a passive mode, so the firewall will not stop anything, but it shall still keep an archive of potential attacks. This normally requires simply a mouse click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall employs two groups of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally as to respond to recently discovered risks immediately.
ModSecurity in VPS
All virtual private servers which are provided with the Hepsia CP include ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the web server, so there will not be anything special that you shall have to do to protect your Internet sites. It shall take you a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any measures to stop intrusions. You'll be able to look at the logs generated in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall used to deal with it, and so on. We use a combination of commercial and custom rules so as to make sure that ModSecurity will block as many threats as possible, hence enhancing the protection of your web applications as much as possible.
ModSecurity in Dedicated Hosting
All our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any application you upload or set up will be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you will find in the logs shall help you to secure your websites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you could see if a site needs an update, if you should block IPs from accessing your server, etcetera. Besides the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well if they find a new threat that's not yet in the commercial bundle.