ModSecurity is an efficient firewall for Apache web servers which is employed to stop attacks towards web applications. It tracks the HTTP traffic to a given website in real time and stops any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do this - for instance, attempting to log in to a script administration area unsuccessfully many times sets off one rule, sending a request to execute a certain file which may result in getting access to the site triggers another rule, etcetera. ModSecurity is one of the best firewalls around and it will protect even scripts which are not updated frequently because it can prevent attackers from using known exploits and security holes. Very comprehensive information about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the conventional logs provided by the Apache server, so you can later examine them and decide if you need to take extra measures in order to boost the security of your script-driven websites.
ModSecurity in Cloud Hosting
ModSecurity is provided with all cloud hosting machines, so if you decide to host your Internet sites with our firm, they will be protected against an array of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view detailed logs via your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the security of our clients' Internet sites seriously, we use a collection of commercial rules that we get from one of the top companies that maintain this kind of rules. Our administrators also add custom rules to make certain that your Internet sites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans that we offer come with ModSecurity and given that the firewall is turned on by default, any website you set up under a domain or a subdomain will be protected right away. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it shall still detect possible attacks and will keep all data inside a log as if it were fully active. The logs could be found within the exact same section of the CP and they include specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules that we use on our machines are a mix between commercial ones from a security company and custom ones developed by our system administrators. For that reason, we provide increased security for your web applications as we can protect them from attacks before security businesses release updates for new threats.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web applications shall be secured from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to disable it with a click of your mouse via the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll keep a detailed log of any possible attacks without taking any action to stop them. The logs can be found in the very same section and provide info about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For optimum security, we use not only commercial rules from a firm operating in the field of web security, but also custom ones which our administrators add manually in order to respond to new risks that are still not tackled in the commercial rules.
ModSecurity in Dedicated Web Hosting
All our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or set up will be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will see in the logs can easily enable you to to secure your sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this info, you could see whether a site needs an update, whether you ought to block IPs from accessing your hosting server, and so on. In addition to the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too every time they find a new threat which is not yet a part of the commercial bundle.