ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks towards web applications. It monitors the HTTP traffic to a particular site in real time and prevents any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script administrator area unsuccessfully several times triggers one rule, sending a request to execute a specific file which could result in gaining access to the site triggers a different rule, etc. ModSecurity is among the best firewalls around and it will preserve even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive data about each and every intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the regular logs created by the Apache server, so you could later examine them and decide if you need to take extra measures in order to increase the security of your script-driven websites.
ModSecurity in Web Hosting
ModSecurity is supplied with all web hosting servers, so if you decide to host your sites with our organization, they will be resistant to a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you shall have to do on your end. You will be able to stop ModSecurity for any site if necessary, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs using your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the protection of our clients' sites seriously, we use a selection of commercial rules that we take from one of the top companies that maintain this sort of rules. Our administrators also include custom rules to make sure that your websites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer come with ModSecurity and given that the firewall is enabled by default, any Internet site which you build under a domain or a subdomain shall be secured right from the start. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all information inside a log as if it were 100% active. The logs could be found within the exact same section of the CP and they include information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules we employ on our web servers are a mix of commercial ones from a security business and custom ones developed by our system administrators. Consequently, we provide higher security for your web apps as we can shield them from attacks even before security firms release updates for new threats.
ModSecurity in Dedicated Web Hosting
ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In case that a web application does not operate adequately, you can either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any possible attack which could happen, but will not take any action to stop it. The logs generated in active or passive mode shall provide you with additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, and so forth. This information will permit you to determine what actions you can take to boost the safety of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security firm we work with, but occasionally our staff add their own rules as well in the event that they discover a new potential threat.