ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks against web applications. It tracks the HTTP traffic to a specific website in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script admin area without success many times sets off one rule, sending a request to execute a specific file which may result in accessing the Internet site triggers another rule, etcetera. ModSecurity is one of the best firewalls on the market and it will secure even scripts that are not updated regularly since it can prevent attackers from employing known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the conventional logs provided by the Apache server, so you could later take a look at them and determine whether you need to take additional measures in order to boost the protection of your script-driven websites.
ModSecurity in Cloud Website Hosting
ModSecurity is supplied with all cloud website hosting web servers, so when you choose to host your Internet sites with our firm, they will be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our customers' websites very seriously, we use a set of commercial rules which we get from one of the top companies that maintain such rules. Our admins also include custom rules to make certain that your websites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Hosting
Any web program which you set up within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall won't block anything, but it'll still keep an archive of possible attacks. This takes just a click and you'll be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall uses 2 groups of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally as to respond to recently discovered threats at the earliest opportunity.
ModSecurity in Dedicated Web Hosting
All our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any application you upload or install shall be properly secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll find in the logs can easily help you to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see whether an Internet site needs an update, if you need to block IPs from accessing your server, and so on. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well if they find a new threat which is not yet included in the commercial bundle.