ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the website visitors than any web server does, so you shall be able to keep an eye on what is happening with your sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether someone is trying to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a specific command. In such instances these attempts trigger the corresponding rules and the software blocks the attempts right away, then records comprehensive details about them in its logs. ModSecurity is one of the most effective software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Shared Website Hosting
We provide ModSecurity with all shared website hosting
solutions, so your Internet apps will be protected against harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are incredibly detailed and offer info about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We use a set of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity by default in all semi-dedicated server
packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any site with a mouse click. You'll also be able to turn on a passive detection mode through which ModSecurity will keep a log of possible attacks without actually preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack activated, where it originated from, and so forth. The list of rules we employ is constantly updated as to match any new threats which could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our admins add in case they find a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers
which are provided with the Hepsia CP feature ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there shall not be anything special that you'll need to do to protect your sites. It shall take you a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any steps to prevent intrusions. You shall be able to see the logs generated in passive or active mode from the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to deal with it, etcetera. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity shall block out as many risks as possible, thus enhancing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers
which are integrated with our Hepsia CP and you will not have to do anything specific on your end to use it because it is turned on by default every time you include a new domain or subdomain on your server. If it disrupts any of your apps, you'll be able to stop it through the respective part of Hepsia, or you could leave it in passive mode, so it shall identify attacks and will still maintain a log for them, but will not block them. You'll be able to examine the logs later to find out what you can do to enhance the protection of your websites as you will find info such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules which we use are commercial, therefore they're constantly updated by a security firm, but to be on the safe side, our admins also include custom rules occasionally in order to deal with any new threats they have discovered.