ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the traffic than any web server does, so you'll manage to monitor what's going on with your sites a lot better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies whether anyone is attempting to log in to the administrator area of a specific script a number of times or if a request is sent to execute a file with a specific command. In such situations these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, then records in-depth details about them within its logs. ModSecurity is amongst the best software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Shared Hosting
ModSecurity is offered with every shared hosting plan which we offer and it is activated by default for any domain or subdomain that you add through your Hepsia CP. In case it disrupts any of your applications or you would like to disable it for some reason, you will be able to achieve that through the ModSecurity section of Hepsia with just a click. You may also use a passive mode, so the firewall will recognize possible attacks and maintain a log, but shall not take any action. You can see detailed logs in the very same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For maximum protection of our customers we use a set of commercial firewall rules blended with custom ones which are included by our system admins.
ModSecurity in Semi-dedicated Servers
Any web application that you set up in your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is switched on by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section in Hepsia where not simply could you activate or deactivate it entirely, but you can also enable a passive mode, so the firewall shall not stop anything, but it shall still keep an archive of possible attacks. This takes simply a click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall uses 2 sets of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally in order to respond to recently discovered risks at the earliest opportunity.
ModSecurity in VPS Servers
All VPS servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there won't be anything special that you shall have to do to protect your sites. It shall take you simply a click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any actions to prevent intrusions. You shall be able to look at the logs produced in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to handle it, and so forth. We employ a mix of commercial and custom rules so as to make sure that ModSecurity will stop as many threats as possible, consequently improving the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you won't have to do anything specific on your end to use it because it is activated by default every time you add a new domain or subdomain on your server. If it disrupts any of your apps, you shall be able to stop it through the respective area of Hepsia, or you may leave it in passive mode, so it will recognize attacks and will still maintain a log for them, but shall not stop them. You'll be able to look at the logs later to learn what you can do to boost the security of your sites as you shall find information such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity responded, etcetera. The rules that we employ are commercial, therefore they're frequently updated by a security provider, but to be on the safe side, our staff also include custom rules once in a while in order to react to any new threats they have found.