ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks against web applications. It keeps track of the HTTP traffic to a particular Internet site in real time and prevents any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - for instance, attempting to log in to a script administrator area without success several times activates one rule, sending a request to execute a specific file which could result in accessing the website triggers a different rule, etcetera. ModSecurity is amongst the best firewalls out there and it will secure even scripts which are not updated frequently because it can prevent attackers from using known exploits and security holes. Quite comprehensive data about every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs generated by the Apache server, so you can later take a look at them and determine if you need to take additional measures in order to improve the safety of your script-driven websites.
ModSecurity in Web Hosting
ModSecurity is available on all web hosting
web servers, so if you opt to host your sites with our organization, they'll be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You'll be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs via your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' sites seriously, we use a set of commercial rules that we take from one of the leading firms that maintain this type of rules. Our admins also include custom rules to ensure that your Internet sites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
packages and if you decide to host your sites with our company, there shall not be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains that you add using your hosting CP. If required, you could disable ModSecurity for a certain site or activate the so-called detection mode in which case the firewall shall still work and record info, but shall not do anything to prevent possible attacks on your Internet sites. Thorough logs will be readily available within your Control Panel and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etc. We use two kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones which our admins often include to respond to newly found threats on time.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
which we offer and it will be activated automatically for every new domain or subdomain you include on the machine. This way, any web app that you install shall be protected from the very beginning without doing anything by hand on your end. The firewall could be handled through the section of the Control Panel which bears the same name. This is the location whereyou'll be able to turn off ModSecurity or let its passive mode, so it shall not take any action towards threats, but shall still keep a comprehensive log. The recorded data is available in the same section as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a mix between commercial ones we get from a security firm and custom ones that are added by our staff to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers
which are set up with our Hepsia CP and you'll not need to do anything specific on your end to employ it because it's switched on by default each time you include a new domain or subdomain on your web server. If it interferes with any of your applications, you will be able to stop it through the respective section of Hepsia, or you may leave it in passive mode, so it will recognize attacks and will still maintain a log for them, but shall not block them. You may analyze the logs later to determine what you can do to increase the protection of your sites since you will find details such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, etcetera. The rules we use are commercial, hence they're frequently updated by a security firm, but to be on the safe side, our staff also add custom rules from time to time as to react to any new threats they have found.