ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks against web applications. It keeps track of the HTTP traffic to a certain website in real time and prevents any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script admin area unsuccessfully several times triggers one rule, sending a request to execute a certain file that could result in accessing the website triggers a different rule, etcetera. ModSecurity is among the best firewalls around and it will preserve even scripts which aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite thorough data about every single intrusion attempt is recorded and the logs the firewall maintains are far more specific than the conventional logs created by the Apache server, so you can later take a look at them and decide whether you need to take additional measures so as to improve the security of your script-driven sites.
ModSecurity in Cloud Website Hosting
ModSecurity comes standard with all cloud website hosting packages which we provide and it shall be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will feature elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and include both commercial ones we get from a third-party security company and custom ones which our system administrators add in case that they detect a new sort of attacks. In this way, the Internet sites you host here shall be way more protected without any action expected on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer come with ModSecurity and because the firewall is switched on by default, any Internet site which you build under a domain or a subdomain will be protected immediately. An individual section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to start and stop the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still detect possible attacks and will keep all data in a log as if it were completely active. The logs could be found in the very same section of the CP and they feature details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules we employ on our machines are a mix between commercial ones from a security firm and custom ones made by our system admins. For that reason, we offer increased security for your web applications as we can shield them from attacks before security firms release updates for completely new threats.
ModSecurity in Dedicated Servers
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the server. In the event that a web app doesn't operate adequately, you can either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack that could occur, but shall not take any action to stop it. The logs produced in passive or active mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP address it came from, and so forth. This info shall allow you to determine what measures you can take to improve the security of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial package from a third-party security provider we work with, but from time to time our staff include their own rules too in the event that they come across a new potential threat.