ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the traffic than any server does, so you will be able to keep an eye on what's going on with your sites better than if you rely simply on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it detects whether somebody is attempting to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall software blocks the attempts right away, then records in-depth info about them within its logs. ModSecurity is amongst the best software firewalls on the market and it can protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Web Hosting
ModSecurity is available with every web hosting
solution that we offer and it's activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it interferes with any of your applications or you would like to disable it for any reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with just a click. You can also enable a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You'll be able to see comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etcetera. For max protection of our clients we use a collection of commercial firewall rules mixed with custom ones that are included by our system admins.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
solutions that we offer include ModSecurity and because the firewall is switched on by default, any site which you build under a domain or a subdomain shall be secured straight away. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still detect possible attacks and will keep all info in a log as if it were completely active. The logs could be found in the very same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules that we use on our machines are a mix of commercial ones from a security firm and custom ones made by our system administrators. As a result, we offer increased security for your web applications as we can protect them from attacks even before security companies release updates for brand new threats.
ModSecurity in VPS Web Hosting
ModSecurity is included with all Hepsia-based virtual private servers
we offer and it'll be switched on automatically for every new domain or subdomain you include on the web server. This way, any web application which you install will be protected immediately without doing anything manually on your end. The firewall could be managed via the section of the CP that bears the same name. This is the area in whichyou could turn off ModSecurity or let its passive mode, so it won't take any action towards threats, but will still keep a detailed log. The recorded data is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we use on our servers are a mix between commercial ones we obtain from a security company and custom ones that are included by our administrators to enhance the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers Hosting
If you choose to host your websites on a dedicated server
with the Hepsia Control Panel, your web applications will be protected straight away because ModSecurity is supplied with all Hepsia-based solutions. You will be able to control the firewall effortlessly and if necessary, you'll be able to turn it off or activate its passive mode when it will only keep a log of what is happening without taking any action to stop potential attacks. The logs that you'll find in the very same section of the CP are extremely detailed and feature info about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so on. This data will allow you to take measures and increase the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins add when they recognize attacks which haven't yet been included in the commercial pack.