ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the traffic than any server does, so you'll be able to keep an eye on what's going on with your websites a lot better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it recognizes whether somebody is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a certain command. In these instances these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, and then records in-depth details about them inside its logs. ModSecurity is among the most effective software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting solutions, so your Internet applications shall be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are extremely detailed and feature data about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etc. We use a set of commercial rules that are often updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity as a standard in all semi-dedicated server plans, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any site with a mouse click. You'll also be able to turn on a passive detection mode in which ModSecurity will keep a log of potential attacks without really preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack initiated, where it originated from, etc. The list of rules which we use is regularly updated in order to match any new threats that might appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our admins include if they find a threat which is not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers that we offer and it shall be activated automatically for any new domain or subdomain that you include on the hosting server. That way, any web application which you install will be protected immediately without doing anything personally on your end. The firewall can be managed through the section of the CP that has the same name. This is the area whereyou can turn off ModSecurity or activate its passive mode, so it won't take any action toward threats, but will still keep a detailed log. The recorded data is available inside the same area as well and you'll be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we use on our servers are a mixture between commercial ones which we get from a security organization and custom ones which are added by our admins to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
If you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web applications will be protected immediately as ModSecurity is supplied with all Hepsia-based plans. You'll be able to manage the firewall effortlessly and if required, you shall be able to turn it off or activate its passive mode when it'll only keep a log of what is occurring without taking any action to stop potential attacks. The logs that you will find inside the same section of the Control Panel are incredibly detailed and include details about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so forth. This info will enable you to take measures and improve the security of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our admins add when they identify attacks that have not yet been included within the commercial pack.