ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks against web apps. It tracks the HTTP traffic to a given site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do that - for instance, trying to log in to a script admin area without success a few times triggers one rule, sending a request to execute a certain file that could result in gaining access to the website triggers a different rule, etcetera. ModSecurity is one of the best firewalls around and it'll secure even scripts which aren't updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Very thorough information about each intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the standard logs generated by the Apache server, so you can later take a look at them and decide if you need to take more measures in order to enhance the protection of your script-driven sites.
ModSecurity in Web Hosting
ModSecurity is available on all web hosting
servers, so when you opt to host your websites with our firm, they shall be resistant to an array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the safety of our customers' websites seriously, we employ a group of commercial rules which we get from one of the top companies that maintain such rules. Our administrators also include custom rules to make certain that your Internet sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
Any web app that you set up in your new semi-dedicated hosting
account will be protected by ModSecurity because the firewall is included with all our hosting packages and is activated by default for any domain and subdomain you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area within Hepsia where not only can you activate or deactivate it fully, but you may also activate a passive mode, so the firewall won't stop anything, but it shall still keep a record of possible attacks. This requires simply a click and you'll be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall uses two groups of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one that our administrators update manually as to respond to recently discovered threats at the earliest opportunity.
ModSecurity in VPS Web Hosting
All virtual private servers
that are provided with the Hepsia Control Panel feature ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there won't be anything special that you'll need to do to protect your websites. It shall take you a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You shall be able to look at the logs generated in active or passive mode via the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to tackle it, and so on. We employ a combination of commercial and custom rules in order to ensure that ModSecurity will prevent as many threats as possible, thus boosting the security of your web programs as much as possible.
ModSecurity in Dedicated Servers Hosting
When you choose to host your sites on a dedicated server
with the Hepsia Control Panel, your web apps will be secured straight away because ModSecurity is supplied with all Hepsia-based plans. You will be able to regulate the firewall with ease and if needed, you shall be able to turn it off or enable its passive mode when it'll only keep a log of what is taking place without taking any action to prevent potential attacks. The logs that you can find in the very same section of the CP are extremely detailed and contain info about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This data will enable you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our admins include every time they detect attacks that have not yet been included in the commercial pack.