ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it blocks it. The firewall additionally keeps a more thorough log for the website visitors than any web server does, so you'll be able to keep an eye on what's going on with your sites better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it detects whether anyone is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a particular command. In these instances these attempts set off the corresponding rules and the firewall software hinders the attempts right away, after that records in-depth information about them within its logs. ModSecurity is amongst the best software firewalls on the market and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Hosting
We offer ModSecurity with all hosting plans, so your Internet apps will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall find inside Hepsia are incredibly detailed and offer data about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etc. We employ a set of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity by default in all semi-dedicated hosting packages, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to switch on or disable the firewall for any Internet site with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity shall keep a log of possible attacks without actually preventing them. The detailed logs include the nature of the attack and what ModSecurity response this attack activated, where it came from, etcetera. The list of rules which we use is regularly updated in order to match any new risks that might appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our admins include in the event that they find a threat which is not present in the commercial list yet.
ModSecurity in VPS
ModSecurity comes with all Hepsia-based virtual private servers we offer and it shall be turned on automatically for every new domain or subdomain which you include on the hosting server. In this way, any web application you install will be protected right from the start without doing anything by hand on your end. The firewall could be handled from the section of the Control Panel which has the same name. This is the area whereyou could switch off ModSecurity or activate its passive mode, so it won't take any action against threats, but shall still maintain a thorough log. The recorded information is available in the same section as well and you'll be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones which we get from a security company and custom ones that are added by our staff to improve the protection of any web apps hosted on our end.
ModSecurity in Dedicated Hosting
All of our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any application you upload or install will be properly secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll discover in the logs can help you to secure your websites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you'll be able to see whether a website needs an update, if you should block IPs from accessing your server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well if they find a new threat that is not yet a part of the commercial bundle.