ModSecurity is a powerful firewall for Apache web servers that is employed to stop attacks towards web apps. It tracks the HTTP traffic to a certain website in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do that - for example, trying to log in to a script administration area without success a few times triggers one rule, sending a request to execute a specific file that could result in getting access to the site triggers a different rule, etc. ModSecurity is one of the best firewalls on the market and it'll secure even scripts that aren't updated regularly because it can prevent attackers from using known exploits and security holes. Incredibly thorough info about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the standard logs generated by the Apache server, so you may later examine them and decide whether you need to take more measures in order to improve the safety of your script-driven sites.
ModSecurity in Cloud Website Hosting
ModSecurity comes by default with all cloud website hosting solutions that we offer and it'll be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can switch on and disable it with only a click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites shall include in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security company and custom ones which our system admins add in the event that they detect a new sort of attacks. That way, the websites which you host here shall be much more secure without any action expected on your end.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity by default in all semi-dedicated server packages, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall permit you to activate or disable the firewall for any website with a mouse click. You'll also have the ability to turn on a passive detection mode through which ModSecurity shall keep a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response this attack caused, where it came from, and so on. The list of rules that we use is constantly updated in order to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our administrators include if they discover a threat that is not present in the commercial list yet.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it as it's enabled by default whenever you add a new domain or subdomain on your web server. In the event that it interferes with some of your applications, you'll be able to stop it through the respective section of Hepsia, or you could leave it in passive mode, so it shall recognize attacks and shall still keep a log for them, but shall not block them. You can examine the logs later to determine what you can do to increase the safety of your websites as you shall find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity reacted, etc. The rules which we use are commercial, hence they're frequently updated by a security provider, but to be on the safe side, our admins also add custom rules once in a while as to respond to any new threats they have identified.