ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks towards web applications. It keeps track of the HTTP traffic to a specific website in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a specific file that could result in accessing the website triggers another rule, etc. ModSecurity is amongst the best firewalls available on the market and it will protect even scripts which aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Quite detailed info about every intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the regular logs generated by the Apache server, so you may later analyze them and determine whether you need to take more measures in order to boost the security of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity comes by default with all shared hosting
plans which we offer and it shall be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and disable it with a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will include comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and incorporate both commercial ones which we get from a third-party security firm and custom ones our system administrators include in the event that they detect a new type of attacks. That way, the Internet sites you host here will be far more protected without any action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
packages and if you choose to host your sites with our company, there shall not be anything special you'll need to do given that the firewall is turned on by default for all domains and subdomains which you include using your hosting CP. If needed, you'll be able to disable ModSecurity for a given website or turn on the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to stop possible attacks on your websites. Comprehensive logs shall be available inside your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We use two kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones which our administrators occasionally include to respond to newly identified risks on time.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers
that are integrated with our Hepsia CP and you'll not need to do anything specific on your end to use it because it is enabled by default whenever you add a new domain or subdomain on your web server. If it disrupts any of your apps, you'll be able to stop it through the respective part of Hepsia, or you can leave it working in passive mode, so it shall detect attacks and shall still keep a log for them, but shall not prevent them. You may analyze the logs later to determine what you can do to improve the protection of your websites as you will find details such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, etcetera. The rules that we employ are commercial, hence they are frequently updated by a security provider, but to be on the safe side, our admins also add custom rules once in a while as to react to any new threats they have identified.