ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks against web applications. It tracks the HTTP traffic to a particular website in real time and stops any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do this - as an illustration, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a certain file which could result in gaining access to the site triggers another rule, etc. ModSecurity is one of the best firewalls on the market and it will protect even scripts that aren't updated often because it can prevent attackers from using known exploits and security holes. Quite comprehensive data about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs generated by the Apache server, so you may later analyze them and decide whether you need to take additional measures in order to improve the protection of your script-driven Internet sites.
ModSecurity in Hosting
ModSecurity is offered with each and every hosting solution which we offer and it is activated by default for any domain or subdomain that you include via your Hepsia Control Panel. In case it disrupts any of your applications or you would like to disable it for whatever reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with merely a click. You can also use a passive mode, so the firewall will detect possible attacks and keep a log, but shall not take any action. You can view comprehensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For max safety of our clients we use a group of commercial firewall rules combined with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web application that you set up in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is activated by default for any domain and subdomain that you include or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall won't stop anything, but it shall still maintain an archive of potential attacks. This requires just a mouse click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall uses 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one which our admins update personally in order to respond to recently discovered risks immediately.
ModSecurity in Dedicated Hosting
If you opt to host your sites on a dedicated server with the Hepsia CP, your web programs shall be secured right away because ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall effortlessly and if needed, you shall be able to turn it off or enable its passive mode when it'll only keep a log of what's going on without taking any action to prevent possible attacks. The logs which you can find within the exact same section of the Control Panel are really detailed and contain information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so on. This info will allow you to take measures and increase the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our admins include whenever they recognize attacks which have not yet been included in the commercial pack.