ModSecurity is an effective firewall for Apache web servers that is used to stop attacks towards web apps. It tracks the HTTP traffic to a specific site in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do this - for example, trying to log in to a script administrator area unsuccessfully several times sets off one rule, sending a request to execute a specific file which could result in gaining access to the website triggers a different rule, etcetera. ModSecurity is one of the best firewalls available and it will secure even scripts which are not updated frequently as it can prevent attackers from using known exploits and security holes. Quite thorough info about each intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the regular logs provided by the Apache server, so you may later examine them and determine if you need to take more measures so as to increase the safety of your script-driven sites.
ModSecurity in Hosting
ModSecurity is supplied with all hosting machines, so when you decide to host your websites with our company, they shall be protected against a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You will be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs from your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our clients' sites seriously, we employ a group of commercial rules which we take from one of the top companies that maintain such rules. Our administrators also add custom rules to ensure that your sites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans which we offer come with ModSecurity and since the firewall is enabled by default, any site you set up under a domain or a subdomain will be secured right from the start. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still recognize possible attacks and shall keep all info within a log as if it were fully active. The logs could be found inside the exact same section of the CP and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we employ on our machines are a mix between commercial ones from a security firm and custom ones developed by our system administrators. Therefore, we provide greater security for your web applications as we can defend them from attacks even before security companies release updates for completely new threats.
ModSecurity in VPS Servers
Security is essential to us, so we install ModSecurity on all VPS servers that are made available with the Hepsia CP as a standard. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you will not need to do anything manually. You'll also be able to disable it or activate the so-called detection mode, so it'll maintain a log of possible attacks you can later study, but won't block them. The logs in both passive and active modes offer information about the type of the attack and how it was eliminated, what IP address it originated from and other important information that might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules because once in a while we discover specific attacks that aren't yet present in the commercial pack. This way, we can easily increase the security of your Virtual private server right away rather than awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. In case that a web application doesn't work adequately, you could either disable the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which might happen, but will not take any action to stop it. The logs generated in passive or active mode shall give you more details about the exact file that was attacked, the form of the attack and the IP it came from, etc. This information will permit you to decide what steps you can take to enhance the security of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial pack from a third-party security company we work with, but occasionally our administrators include their own rules as well if they come across a new potential threat.