ModSecurity is a powerful firewall for Apache web servers that is used to prevent attacks toward web apps. It monitors the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to accomplish that - for instance, trying to log in to a script admin area unsuccessfully a few times sets off one rule, sending a request to execute a particular file which may result in getting access to the site triggers another rule, etcetera. ModSecurity is among the best firewalls out there and it will secure even scripts that aren't updated frequently as it can prevent attackers from employing known exploits and security holes. Very detailed information about every intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the regular logs provided by the Apache server, so you may later take a look at them and determine whether you need to take more measures in order to enhance the safety of your script-driven websites.
ModSecurity in Website Hosting
ModSecurity is provided with all website hosting machines, so when you choose to host your sites with our firm, they'll be shielded from a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view specific logs from your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our customers' Internet sites seriously, we employ a selection of commercial rules which we take from one of the best companies that maintain this kind of rules. Our admins also include custom rules to make certain that your sites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity as a standard in all semi-dedicated server packages, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will allow you to enable or turn off the firewall for any website with a click. You shall also be able to activate a passive detection mode in which ModSecurity will maintain a log of potential attacks without actually preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack generated, where it originated from, etc. The list of rules we use is frequently updated in order to match any new risks which could appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones that our admins include if they discover a threat that's not present within the commercial list yet.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it since it is activated by default whenever you include a new domain or subdomain on your server. In the event that it interferes with some of your applications, you will be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it will detect attacks and will still maintain a log for them, but shall not prevent them. You could look at the logs later to find out what you can do to improve the security of your Internet sites as you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, etc. The rules that we use are commercial, hence they're constantly updated by a security company, but to be on the safe side, our staff also include custom rules occasionally as to respond to any new threats they have identified.