ModSecurity is an efficient firewall for Apache web servers that is used to stop attacks towards web applications. It monitors the HTTP traffic to a particular site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script admin area without success several times sets off one rule, sending a request to execute a specific file that may result in getting access to the site triggers a different rule, etc. ModSecurity is among the best firewalls available on the market and it will protect even scripts which are not updated often since it can prevent attackers from employing known exploits and security holes. Very thorough information about each intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs created by the Apache server, so you could later examine them and determine whether you need to take additional measures so as to enhance the security of your script-driven websites.
ModSecurity in Website Hosting
ModSecurity can be found with each website hosting solution that we offer and it's activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it disrupts any of your programs or you would like to disable it for some reason, you shall be able to do this through the ModSecurity area of Hepsia with simply a click. You can also use a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You can view detailed logs in the same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For maximum safety of our clients we use a group of commercial firewall rules combined with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Servers
Any web program you install within your new semi-dedicated server account will be protected by ModSecurity as the firewall is included with all our hosting plans and is turned on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area inside Hepsia where not only can you activate or deactivate it entirely, but you can also enable a passive mode, so the firewall will not stop anything, but it will still keep a record of possible attacks. This takes only a mouse click and you'll be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etc. The firewall employs 2 groups of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally as to respond to newly discovered threats as soon as possible.
ModSecurity in Dedicated Servers
If you choose to host your sites on a dedicated server with the Hepsia CP, your web applications will be secured immediately because ModSecurity is supplied with all Hepsia-based solutions. You'll be able to manage the firewall without difficulty and if required, you will be able to turn it off or switch on its passive mode when it shall only maintain a log of what is taking place without taking any action to prevent potential attacks. The logs which you will find within the same section of the Control Panel are extremely detailed and contain details about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etc. This data will allow you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our administrators add every time they identify attacks that haven't yet been included inside the commercial pack.