Find out how having ModSecurity allowed within your hosting account could help silently with your web site protection.
ModSecurity is an effective firewall for Apache web servers which is used to stop attacks against web apps. It keeps track of the HTTP traffic to a particular site in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - as an example, attempting to log in to a script admin area without success several times triggers one rule, sending a request to execute a certain file that may result in accessing the website triggers another rule, etcetera. ModSecurity is among the best firewalls available and it'll secure even scripts that are not updated often because it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs provided by the Apache server, so you could later analyze them and determine if you need to take extra measures in order to boost the protection of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity comes by default with all shared hosting
plans which we provide and it will be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can switch on and disable it with just a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites will feature in-depth information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and comprise of both commercial ones that we get from a third-party security business and custom ones that our system admins include in the event that they detect a new kind of attacks. This way, the Internet sites that you host here shall be much more protected with no action needed on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
plans which we offer include ModSecurity and since the firewall is turned on by default, any website which you build under a domain or a subdomain will be secured straight away. A separate section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to stop and start the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all info inside a log as if it were fully active. The logs could be found inside the very same section of the Control Panel and they offer info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules which we employ on our servers are a mix of commercial ones from a security company and custom ones made by our system admins. Consequently, we provide greater security for your web programs as we can shield them from attacks before security firms release updates for new threats.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
which we offer and it will be activated automatically for every new domain or subdomain which you include on the hosting server. This way, any web application you install will be protected immediately without doing anything manually on your end. The firewall may be handled through the section of the CP which bears the same name. This is the place in whichyou could switch off ModSecurity or let its passive mode, so it won't take any action against threats, but will still maintain a comprehensive log. The recorded data is available within the same area as well and you shall be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a combination between commercial ones that we obtain from a security organization and custom ones which are included by our administrators to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
If you choose to host your sites on a dedicated server
with the Hepsia CP, your web apps shall be protected right away as ModSecurity is available with all Hepsia-based plans. You will be able to manage the firewall easily and if necessary, you will be able to turn it off or activate its passive mode when it shall only keep a log of what is occurring without taking any action to prevent potential attacks. The logs which you will find inside the very same section of the CP are really detailed and contain details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This information shall allow you to take measures and increase the protection of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff include when they recognize attacks which haven't yet been included in the commercial pack.