ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the website visitors than any server does, so you will manage to monitor what is going on with your Internet sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if somebody is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the software hinders the attempts right away, and then records in-depth information about them in its logs. ModSecurity is one of the best software firewalls out there and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Hosting
ModSecurity is available with every single hosting solution that we provide and it's turned on by default for any domain or subdomain which you add via your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for any reason, you will be able to achieve that through the ModSecurity area of Hepsia with simply a mouse click. You may also use a passive mode, so the firewall will detect possible attacks and maintain a log, but will not take any action. You could view detailed logs in the very same section, including the IP address where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For max security of our clients we use a set of commercial firewall rules blended with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
Any web application which you set up inside your new semi-dedicated server account will be protected by ModSecurity since the firewall is included with all our hosting plans and is activated by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area within Hepsia where not simply could you activate or deactivate it entirely, but you may also switch on a passive mode, so the firewall shall not block anything, but it shall still keep an archive of potential attacks. This normally requires just a mouse click and you shall be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one which our administrators update personally in order to respond to recently discovered threats immediately.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting CP, so your web programs will be protected from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you could disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the very same section and include details about the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we use not simply commercial rules from a company operating in the field of web security, but also custom ones that our administrators include manually in order to react to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it because it is turned on by default every time you include a new domain or subdomain on your web server. In the event that it disrupts any of your apps, you'll be able to stop it through the respective part of Hepsia, or you could leave it working in passive mode, so it shall recognize attacks and shall still keep a log for them, but will not block them. You can look at the logs later to determine what you can do to improve the protection of your sites since you will find information such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, thus they're constantly updated by a security company, but to be on the safe side, our administrators also add custom rules from time to time as to react to any new threats they have found.