ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks against web applications. It keeps track of the HTTP traffic to a certain website in real time and prevents any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do that - as an example, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a specific file that may result in gaining access to the Internet site triggers another rule, etc. ModSecurity is amongst the best firewalls around and it will protect even scripts which are not updated regularly because it can prevent attackers from using known exploits and security holes. Incredibly thorough data about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs generated by the Apache server, so you can later analyze them and decide if you need to take more measures in order to improve the safety of your script-driven sites.
ModSecurity in Cloud Hosting
ModSecurity is offered with each cloud hosting
package which we offer and it's switched on by default for every domain or subdomain that you include via your Hepsia Control Panel. In case it interferes with any of your programs or you'd like to disable it for any reason, you will be able to accomplish that through the ModSecurity section of Hepsia with just a mouse click. You could also enable a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You could view detailed logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so on. For max safety of our customers we use a group of commercial firewall rules mixed with custom ones which are included by our system admins.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are offered with the Hepsia hosting CP, so your web applications will be protected from the moment your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to deactivate it with a click of your mouse through the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the exact same section and offer details about the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For optimum security, we use not only commercial rules from a business operating in the field of web security, but also custom ones our admins include manually in order to react to new risks that are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers
that are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is activated by default every time you include a new domain or subdomain on your hosting server. If it interferes with any of your programs, you shall be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it will identify attacks and will still maintain a log for them, but will not stop them. You may examine the logs later to find out what you can do to increase the security of your sites as you shall find details such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules which we employ are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our admins also include custom rules once in a while in order to react to any new threats they have discovered.