ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and when it identifies an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the traffic than any web server does, so you will be able to keep an eye on what's happening with your Internet sites better than if you rely merely on standard logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects whether somebody is trying to log in to the admin area of a particular script several times or if a request is sent to execute a file with a specific command. In such circumstances these attempts set off the corresponding rules and the firewall blocks the attempts immediately, and then records in-depth information about them within its logs. ModSecurity is one of the best software firewalls on the market and it can protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Website Hosting
ModSecurity is provided with all website hosting servers, so if you opt to host your sites with our business, they'll be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any site if required, or to switch on a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the safety of our customers' Internet sites very seriously, we employ a collection of commercial rules that we get from one of the best companies which maintain this sort of rules. Our administrators also include custom rules to ensure that your Internet sites will be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions which we offer include ModSecurity and since the firewall is turned on by default, any site that you set up under a domain or a subdomain will be secured immediately. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any site or enable a detection mode. With the latter, ModSecurity won't take any action, but it will still identify possible attacks and shall keep all data inside a log as if it were fully active. The logs can be found in the very same section of the Control Panel and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our servers are a mix between commercial ones from a security firm and custom ones made by our system administrators. Consequently, we provide greater security for your web programs as we can protect them from attacks before security corporations release updates for new threats.
ModSecurity in VPS
Security is very important to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section within Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not need to do anything personally. You shall also be able to disable it or turn on the so-called detection mode, so it will maintain a log of possible attacks that you can later analyze, but won't prevent them. The logs in both passive and active modes offer info regarding the type of the attack and how it was eliminated, what IP address it came from and other valuable info which could help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules since occasionally we find specific attacks that are not yet present within the commercial package. This way, we can enhance the protection of your Virtual private server instantly instead of waiting for an official update.
ModSecurity in Dedicated Hosting
When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected straight away since ModSecurity is supplied with all Hepsia-based solutions. You will be able to control the firewall easily and if required, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's taking place without taking any action to stop potential attacks. The logs which you'll find within the very same section of the Control Panel are really detailed and feature information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This information shall allow you to take measures and boost the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators add whenever they detect attacks which have not yet been included inside the commercial pack.