ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and if it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the site visitors than any server does, so you shall be able to monitor what is going on with your websites a lot better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it identifies whether anyone is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a particular command. In these cases these attempts set off the corresponding rules and the firewall blocks the attempts instantly, and then records in-depth information about them inside its logs. ModSecurity is among the most effective software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
ModSecurity in Shared Website Hosting
ModSecurity comes standard with all shared website hosting packages that we provide and it'll be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and disable it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites will include comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and comprise of both commercial ones that we get from a third-party security business and custom ones which our system administrators include in the event that they detect a new sort of attacks. That way, the Internet sites that you host here shall be way more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans which we offer include ModSecurity and given that the firewall is switched on by default, any website which you set up under a domain or a subdomain will be secured right away. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still recognize possible attacks and shall keep all info in a log as if it were completely active. The logs could be found within the very same section of the Control Panel and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we employ on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. For that reason, we provide higher security for your web apps as we can defend them from attacks even before security companies release updates for completely new threats.
ModSecurity in VPS Servers
Safety is of the utmost importance to us, so we set up ModSecurity on all VPS servers which are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section inside Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you will not have to do anything by hand. You shall also be able to disable it or activate the so-called detection mode, so it'll keep a log of possible attacks that you can later analyze, but will not stop them. The logs in both passive and active modes contain info regarding the type of the attack and how it was prevented, what IP it originated from and other valuable information which may help you to tighten the security of your websites by updating them or blocking IPs, for instance. In addition to the commercial rules that we get for ModSecurity from a third-party security company, we also use our own rules because every now and then we detect specific attacks that are not yet present inside the commercial group. That way, we can enhance the protection of your Virtual private server in a timely manner rather than awaiting an official update.
ModSecurity in Dedicated Servers
When you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web applications shall be secured immediately as ModSecurity is supplied with all Hepsia-based plans. You shall be able to manage the firewall without difficulty and if needed, you shall be able to turn it off or enable its passive mode when it will only keep a log of what's happening without taking any action to stop possible attacks. The logs that you'll find within the very same section of the CP are really detailed and feature data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so on. This info will permit you to take measures and improve the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins add when they detect attacks which have not yet been included in the commercial pack.