ModSecurity is a powerful firewall for Apache web servers that is employed to prevent attacks against web applications. It keeps track of the HTTP traffic to a specific website in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - for example, trying to log in to a script admin area without success a few times activates one rule, sending a request to execute a particular file that could result in getting access to the site triggers another rule, etcetera. ModSecurity is one of the best firewalls available and it will preserve even scripts which aren't updated on a regular basis because it can prevent attackers from using known exploits and security holes. Incredibly detailed information about every intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the regular logs created by the Apache server, so you can later analyze them and decide if you need to take extra measures so as to boost the protection of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity can be found with each and every shared hosting solution which we offer and it is turned on by default for every domain or subdomain that you include through your Hepsia Control Panel. If it interferes with any of your applications or you would like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity section of Hepsia with only a mouse click. You may also use a passive mode, so the firewall will recognize possible attacks and keep a log, but shall not take any action. You can view comprehensive logs in the exact same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etc. For maximum safety of our clients we use a set of commercial firewall rules mixed with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer come with ModSecurity and given that the firewall is switched on by default, any website which you build under a domain or a subdomain shall be secured straight away. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still recognize possible attacks and will keep all data in a log as if it were completely active. The logs can be found inside the exact same section of the CP and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we use on our servers are a mix between commercial ones from a security firm and custom ones created by our system administrators. As a result, we provide increased security for your web apps as we can defend them from attacks before security businesses release updates for brand new threats.
ModSecurity in VPS Servers
Safety is essential to us, so we set up ModSecurity on all VPS servers that are made available with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything manually. You'll also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of possible attacks that you can later examine, but won't stop them. The logs in both passive and active modes offer details about the type of the attack and how it was prevented, what IP address it came from and other important info which may help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules which we get for ModSecurity from a third-party security enterprise, we also use our own rules as once in a while we detect specific attacks that aren't yet present within the commercial package. That way, we can enhance the protection of your VPS instantly instead of waiting for a certified update.
ModSecurity in Dedicated Servers
All of our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any app that you upload or install will be properly secured from the very beginning and you will not need to stress about common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll find in the logs shall help you to secure your sites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this data, you can see if a site needs an update, if you need to block IPs from accessing your web server, etc. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too every time they discover a new threat that's not yet included in the commercial bundle.