ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and if it detects an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the site visitors than any server does, so you'll be able to monitor what's happening with your sites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For instance, it identifies if anyone is trying to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a certain command. In such cases these attempts trigger the corresponding rules and the firewall software blocks the attempts in real time, and then records in-depth information about them within its logs. ModSecurity is among the most effective software firewalls on the market and it can protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Shared Web Hosting
ModSecurity comes by default with all shared web hosting
solutions that we provide and it'll be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and deactivate it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your websites shall contain detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are constantly updated and incorporate both commercial ones we get from a third-party security business and custom ones our system admins include in the event that they detect a new kind of attacks. This way, the Internet sites you host here shall be a lot more protected with no action needed on your end.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity by default inside all semi-dedicated server
products, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any site with a click. You'll also have the ability to activate a passive detection mode in which ModSecurity will keep a log of possible attacks without really stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so on. The list of rules which we use is regularly updated in order to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our admins add in case they discover a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are set up with the Hepsia hosting Control Panel, so your web programs shall be protected from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall keep a detailed log of any potential attacks without taking any action to stop them. The logs are available within the exact same section and provide details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not only commercial rules from a company working in the field of web security, but also custom ones our administrators add personally so as to respond to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers
that are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it since it's activated by default whenever you include a new domain or subdomain on your web server. In case it disrupts any of your apps, you will be able to stop it through the respective section of Hepsia, or you could leave it in passive mode, so it will recognize attacks and shall still maintain a log for them, but won't stop them. You can look at the logs later to determine what you can do to boost the safety of your Internet sites as you will find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, etcetera. The rules which we employ are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our admins also include custom rules once in a while in order to react to any new threats they have identified.