ModSecurity is an effective firewall for Apache web servers that's used to stop attacks towards web apps. It keeps track of the HTTP traffic to a certain site in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administrator area without success several times sets off one rule, sending a request to execute a certain file which could result in gaining access to the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls out there and it will secure even scripts that aren't updated frequently as it can prevent attackers from employing known exploits and security holes. Very thorough information about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the conventional logs provided by the Apache server, so you could later take a look at them and decide if you need to take more measures in order to boost the protection of your script-driven websites.
ModSecurity in Website Hosting
ModSecurity is supplied with all website hosting
machines, so if you opt to host your Internet sites with our business, they'll be protected against an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You shall be able to stop ModSecurity for any site if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view specific logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our customers' Internet sites seriously, we use a group of commercial rules which we take from one of the top firms that maintain this type of rules. Our admins also include custom rules to make sure that your Internet sites shall be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting packages and if you choose to host your sites with us, there shall not be anything special you will have to do as the firewall is activated by default for all domains and subdomains which you include through your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular Internet site or switch on the so-called detection mode in which case the firewall shall still function and record information, but shall not do anything to stop possible attacks on your websites. Thorough logs will be readily available inside your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etcetera. We employ two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones that our admins often add to respond to newly found risks on time.
ModSecurity in VPS Hosting
All virtual private servers
which are provided with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there will not be anything special which you'll have to do to protect your websites. It shall take you just a click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any measures to prevent intrusions. You will be able to view the logs produced in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to deal with it, and so forth. We employ a mixture of commercial and custom rules in order to ensure that ModSecurity shall block as many threats as possible, therefore improving the protection of your web applications as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all dedicated servers
that are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it because it's activated by default each time you add a new domain or subdomain on your server. In case it interferes with some of your applications, you will be able to stop it through the respective area of Hepsia, or you may leave it operating in passive mode, so it shall identify attacks and shall still maintain a log for them, but will not stop them. You may look at the logs later to determine what you can do to increase the safety of your websites since you shall find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules that we use are commercial, hence they are frequently updated by a security company, but to be on the safe side, our administrators also add custom rules occasionally as to react to any new threats they have discovered.