ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks towards web apps. It keeps track of the HTTP traffic to a particular Internet site in real time and prevents any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - for example, trying to log in to a script admin area unsuccessfully several times sets off one rule, sending a request to execute a particular file that may result in accessing the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls on the market and it'll preserve even scripts which are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive information about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the standard logs created by the Apache server, so you may later examine them and determine if you need to take extra measures in order to increase the protection of your script-driven Internet sites.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting solutions, so your Internet apps will be resistant to malicious attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll discover inside Hepsia are very detailed and include info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etc. We use a group of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer include ModSecurity and given that the firewall is enabled by default, any website that you build under a domain or a subdomain will be secured right away. An individual section inside the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity shall not take any action, but it'll still detect possible attacks and shall keep all info within a log as if it were 100% active. The logs can be found inside the same section of the CP and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we employ on our servers are a mix between commercial ones from a security company and custom ones created by our system administrators. For that reason, we offer greater security for your web programs as we can defend them from attacks even before security corporations release updates for completely new threats.
ModSecurity in VPS Servers
Security is very important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia CP as a standard. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you include a new domain or create a subdomain, so you'll not have to do anything by hand. You will also be able to disable it or turn on the so-called detection mode, so it'll maintain a log of potential attacks which you can later study, but shall not block them. The logs in both passive and active modes include info about the type of the attack and how it was eliminated, what IP it came from and other important information that could help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security enterprise, we also implement our own rules because occasionally we detect specific attacks that aren't yet present in the commercial package. This way, we can easily improve the protection of your VPS immediately instead of waiting for a certified update.
ModSecurity in Dedicated Servers
When you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected right away because ModSecurity is supplied with all Hepsia-based plans. You will be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or switch on its passive mode when it will only maintain a log of what's happening without taking any action to prevent potential attacks. The logs that you'll find within the same section of the Control Panel are extremely detailed and feature details about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This information will enable you to take measures and improve the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff include when they identify attacks that haven't yet been included in the commercial pack.