ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and in case it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the website visitors than any web server does, so you will manage to keep track of what's happening with your sites a lot better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes whether anyone is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the software blocks the attempts instantly, after that records comprehensive details about them in its logs. ModSecurity is amongst the best software firewalls on the market and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Shared Web Hosting
We offer ModSecurity with all shared web hosting
solutions, so your web applications shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall find within Hepsia are incredibly detailed and offer information about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so on. We employ a range of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity by default inside all semi-dedicated server
products, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any site with a mouse click. You will also have the ability to turn on a passive detection mode through which ModSecurity shall keep a log of possible attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack caused, where it came from, and so on. The list of rules which we use is frequently updated in order to match any new risks that might appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones which our admins add if they find a threat that's not present within the commercial list yet.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
we offer and it'll be activated automatically for any new domain or subdomain you add on the machine. That way, any web app which you install will be secured immediately without doing anything by hand on your end. The firewall could be handled via the section of the CP which has the same name. This is the location in whichyou can disable ModSecurity or activate its passive mode, so it won't take any action toward threats, but shall still keep a thorough log. The recorded information is available within the same section as well and you shall be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we employ on our servers are a mix between commercial ones which we get from a security organization and custom ones that are included by our admins to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers
which are installed with the Hepsia hosting CP feature ModSecurity, so any application that you upload or set up shall be secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. A separate section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs can easily enable you to to secure your sites better - the IP address an attack came from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this data, you could see if a site needs an update, if you ought to block IPs from accessing your web server, and so on. Besides the third-party commercial security rules for ModSecurity we use, our admins include custom ones too if they come across a new threat which is not yet in the commercial bundle.