ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks against web applications. It monitors the HTTP traffic to a particular site in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - as an illustration, trying to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a specific file that may result in gaining access to the website triggers another rule, etcetera. ModSecurity is amongst the best firewalls available on the market and it will protect even scripts which aren't updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about each intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the conventional logs generated by the Apache server, so you may later take a look at them and determine if you need to take extra measures in order to increase the protection of your script-driven websites.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting packages, so your web apps shall be shielded from malicious attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you'll be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall discover in Hepsia are very detailed and feature information about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etc. We use a group of commercial rules which are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
We've included ModSecurity by default within all semi-dedicated hosting plans, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any site with a mouse click. You'll also have the ability to turn on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack triggered, where it originated from, etc. The list of rules that we use is constantly updated in order to match any new risks which might appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our admins add if they discover a threat that's not present within the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the server. Just in case that a web app does not operate correctly, you could either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that may happen, but won't take any action to stop it. The logs created in active or passive mode shall present you with additional details about the exact file which was attacked, the form of the attack and the IP it came from, and so on. This data shall enable you to choose what steps you can take to boost the safety of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial pack from a third-party security company we work with, but from time to time our administrators add their own rules also in the event that they discover a new potential threat.