ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and in case it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the traffic than any server does, so you shall be able to monitor what is going on with your sites better than if you rely only on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes if someone is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the software blocks the attempts in real time, then records comprehensive details about them within its logs. ModSecurity is among the very best software firewalls available and it could easily protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Web Hosting
We offer ModSecurity with all web hosting packages, so your web applications will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall discover within Hepsia are very detailed and feature information about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, and so on. We employ a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server solutions and if you opt to host your websites with us, there shall not be anything special you'll need to do as the firewall is activated by default for all domains and subdomains which you include via your hosting CP. If necessary, you'll be able to disable ModSecurity for a given site or turn on the so-called detection mode in which case the firewall will still work and record info, but shall not do anything to prevent potential attacks against your Internet sites. Thorough logs shall be readily available in your CP and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ two kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our admins occasionally include to respond to newly found threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web programs will be secured from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you'll be able to disable it with a click from the corresponding section of Hepsia. You may also set it to function in detection mode, so it shall keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available in the exact same section and offer information about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we employ not just commercial rules from a company working in the field of web security, but also custom ones our administrators include manually in order to respond to new threats which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it because it's switched on by default each time you add a new domain or subdomain on your hosting server. In case it interferes with any of your apps, you will be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it shall identify attacks and shall still maintain a log for them, but will not prevent them. You could look at the logs later to find out what you can do to enhance the security of your websites as you will find information such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etc. The rules that we use are commercial, hence they're constantly updated by a security company, but to be on the safe side, our administrators also add custom rules from time to time as to respond to any new threats they have discovered.