ModSecurity is a powerful firewall for Apache web servers that's used to prevent attacks against web applications. It monitors the HTTP traffic to a certain website in real time and prevents any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - for example, trying to log in to a script admin area without success several times activates one rule, sending a request to execute a specific file that may result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is amongst the best firewalls on the market and it will preserve even scripts which are not updated often because it can prevent attackers from using known exploits and security holes. Quite detailed data about each and every intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the standard logs generated by the Apache server, so you could later take a look at them and decide whether you need to take extra measures so as to increase the security of your script-driven Internet sites.
ModSecurity in Cloud Hosting
ModSecurity is supplied with all cloud hosting web servers, so when you opt to host your sites with our firm, they shall be protected against an array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs via your Hepsia CP including the IP where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our customers' Internet sites seriously, we employ a group of commercial rules that we take from one of the leading firms that maintain such rules. Our admins also include custom rules to make certain that your websites will be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server solutions and if you opt to host your Internet sites with us, there will not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains you include using your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall shall still function and record info, but will not do anything to stop possible attacks against your websites. In depth logs will be available within your CP and you will be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so forth. We use two sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our administrators sometimes add to respond to newly found risks on time.
ModSecurity in VPS Servers
All VPS servers that are set up with the Hepsia CP include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there won't be anything special which you'll have to do to protect your Internet sites. It'll take you only a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You will be able to view the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to deal with it, etcetera. We use a mix of commercial and custom rules so as to ensure that ModSecurity shall block as many threats as possible, consequently enhancing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to use it as it is turned on by default every time you include a new domain or subdomain on your hosting server. If it disrupts some of your programs, you will be able to stop it via the respective section of Hepsia, or you can leave it in passive mode, so it'll recognize attacks and will still maintain a log for them, but won't prevent them. You can look at the logs later to determine what you can do to enhance the security of your sites since you'll find details such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity reacted, etcetera. The rules we use are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our staff also include custom rules occasionally as to react to any new threats they have found.