ModSecurity is an effective firewall for Apache web servers that's used to stop attacks against web apps. It keeps track of the HTTP traffic to a given Internet site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - as an example, trying to log in to a script administrator area unsuccessfully many times sets off one rule, sending a request to execute a certain file that may result in gaining access to the website triggers another rule, and so forth. ModSecurity is one of the best firewalls around and it will preserve even scripts that are not updated frequently because it can prevent attackers from using known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs generated by the Apache server, so you can later take a look at them and determine whether you need to take extra measures so as to increase the protection of your script-driven Internet sites.
ModSecurity in Shared Website Hosting
ModSecurity is available on all shared website hosting servers, so when you decide to host your sites with our firm, they will be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll have to do on your end. You will be able to stop ModSecurity for any website if required, or to activate a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs through your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our customers' websites seriously, we use a set of commercial rules that we get from one of the leading companies that maintain this kind of rules. Our admins also add custom rules to make certain that your sites shall be shielded from as many risks as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. Just in case that a web app does not work adequately, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack which could take place, but won't take any action to stop it. The logs produced in passive or active mode will present you with additional details about the exact file that was attacked, the type of the attack and the IP address it came from, etc. This information will permit you to determine what actions you can take to improve the security of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated frequently with a commercial pack from a third-party security enterprise we work with, but oftentimes our admins add their own rules as well in case they find a new potential threat.