ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks toward web apps. It monitors the HTTP traffic to a certain site in real time and stops any intrusion attempts the moment it discovers them. The firewall uses a set of rules to accomplish that - for instance, trying to log in to a script administration area without success a few times triggers one rule, sending a request to execute a specific file that could result in getting access to the website triggers another rule, etcetera. ModSecurity is amongst the best firewalls around and it'll protect even scripts that are not updated frequently as it can prevent attackers from employing known exploits and security holes. Quite comprehensive data about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the regular logs provided by the Apache server, so you may later examine them and decide if you need to take additional measures in order to improve the security of your script-driven websites.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting solutions, so your Internet applications will be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it through the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll find within Hepsia are very detailed and include data about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etc. We employ a group of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web application which you set up in your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall won't stop anything, but it'll still maintain an archive of possible attacks. This normally requires only a mouse click and you'll be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, and so forth. The firewall employs 2 groups of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update manually in order to respond to recently discovered risks as soon as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to use it since it's enabled by default every time you include a new domain or subdomain on your server. In the event that it interferes with any of your apps, you'll be able to stop it through the respective area of Hepsia, or you could leave it working in passive mode, so it will recognize attacks and shall still keep a log for them, but shall not prevent them. You can look at the logs later to determine what you can do to improve the protection of your websites since you will find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, and so forth. The rules which we use are commercial, hence they're constantly updated by a security firm, but to be on the safe side, our admins also include custom rules from time to time in order to react to any new threats they have identified.