ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks towards web apps. It monitors the HTTP traffic to a given site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administrator area without success many times triggers one rule, sending a request to execute a specific file which may result in gaining access to the website triggers another rule, and so forth. ModSecurity is one of the best firewalls available and it'll secure even scripts that are not updated frequently as it can prevent attackers from using known exploits and security holes. Quite detailed info about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the conventional logs provided by the Apache server, so you may later examine them and determine whether you need to take extra measures so as to improve the security of your script-driven sites.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting plans, so your web apps will be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will find in Hepsia are quite detailed and offer info about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so forth. We use a set of commercial rules which are regularly updated, but sometimes our admins add custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Dedicated Servers
If you opt to host your websites on a dedicated server with the Hepsia CP, your web applications will be protected straight away as ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall easily and if necessary, you shall be able to turn it off or activate its passive mode when it'll only maintain a log of what is taking place without taking any action to prevent potential attacks. The logs which you will find within the exact same section of the Control Panel are really detailed and contain data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etc. This data will enable you to take measures and increase the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins add every time they recognize attacks which haven't yet been included inside the commercial pack.