ModSecurity is an effective firewall for Apache web servers that is employed to prevent attacks towards web apps. It monitors the HTTP traffic to a specific website in real time and stops any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do that - as an illustration, attempting to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a specific file that could result in getting access to the Internet site triggers a different rule, etc. ModSecurity is amongst the best firewalls out there and it'll protect even scripts which are not updated frequently since it can prevent attackers from using known exploits and security holes. Quite comprehensive data about each and every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the conventional logs provided by the Apache server, so you could later examine them and determine if you need to take more measures in order to enhance the security of your script-driven websites.
ModSecurity in Website Hosting
ModSecurity is offered with every single website hosting package that we offer and it is activated by default for every domain or subdomain that you include via your Hepsia CP. In the event that it disrupts any of your apps or you would like to disable it for any reason, you will be able to do this through the ModSecurity section of Hepsia with simply a click. You may also enable a passive mode, so the firewall will identify possible attacks and keep a log, but shall not take any action. You can see comprehensive logs in the exact same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For optimum safety of our clients we use a collection of commercial firewall rules blended with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions that we offer feature ModSecurity and because the firewall is turned on by default, any site that you build under a domain or a subdomain will be secured straight away. An individual section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still identify possible attacks and will keep all information inside a log as if it were fully active. The logs can be found inside the same section of the CP and they include specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we use on our machines are a mix of commercial ones from a security company and custom ones developed by our system administrators. As a result, we provide higher security for your web applications as we can defend them from attacks before security companies release updates for brand new threats.
ModSecurity in Dedicated Web Hosting
When you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web applications shall be secured straight away as ModSecurity is supplied with all Hepsia-based packages. You'll be able to manage the firewall with ease and if necessary, you'll be able to turn it off or activate its passive mode when it will only keep a log of what is going on without taking any action to stop potential attacks. The logs which you will find in the very same section of the CP are really detailed and contain info about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etc. This info shall permit you to take measures and boost the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include when they identify attacks that haven't yet been included within the commercial pack.