ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and when it identifies an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the website visitors than any web server does, so you'll be able to keep track of what is going on with your sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes if somebody is trying to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the software blocks the attempts instantly, then records detailed details about them inside its logs. ModSecurity is amongst the most effective software firewalls on the market and it could easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Hosting
We provide ModSecurity with all hosting packages, so your web applications will be resistant to destructive attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you will be able to stop it via the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you will discover in Hepsia are incredibly detailed and feature info about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so forth. We use a range of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
Any web application you set up within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain that you add or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated section within Hepsia where not only could you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall will not block anything, but it will still maintain an archive of potential attacks. This takes just a click and you will be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall employs two sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our administrators update manually in order to respond to newly discovered threats at the earliest opportunity.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there shall not be anything special which you'll need to do to protect your Internet sites. It will take you only a mouse click to stop ModSecurity if required or to activate its passive mode so that it records what goes on without taking any measures to stop intrusions. You'll be able to view the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to take care of it, and so forth. We employ a mix of commercial and custom rules in order to ensure that ModSecurity will prevent as many threats as possible, consequently increasing the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any application you upload or install shall be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will discover in the logs can easily allow you to to secure your websites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you'll be able to see whether a site needs an update, if you should block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well when they come across a new threat that is not yet included in the commercial bundle.