ModSecurity is a highly effective firewall for Apache web servers which is used to prevent attacks toward web applications. It keeps track of the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do that - as an illustration, trying to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a particular file which may result in accessing the website triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it'll protect even scripts which are not updated often since it can prevent attackers from using known exploits and security holes. Very comprehensive data about every intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the standard logs generated by the Apache server, so you may later take a look at them and decide if you need to take more measures so as to enhance the protection of your script-driven sites.
ModSecurity in Hosting
ModSecurity is available on all hosting machines, so when you decide to host your websites with our firm, they will be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any site if necessary, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs using your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the security of our clients' sites seriously, we use a group of commercial rules which we get from one of the leading companies which maintain this sort of rules. Our administrators also include custom rules to make certain that your sites shall be shielded from as many threats as possible.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. In case that a web application doesn't function properly, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which may happen, but shall not take any action to stop it. The logs generated in passive or active mode will give you additional details about the exact file which was attacked, the nature of the attack and the IP it came from, etcetera. This info shall allow you to choose what actions you can take to boost the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial package from a third-party security company we work with, but oftentimes our staff include their own rules also in the event that they find a new potential threat.