ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and when it detects an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the site visitors than any web server does, so you shall manage to monitor what's going on with your Internet sites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it recognizes if anyone is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the software blocks the attempts right away, after that records comprehensive details about them inside its logs. ModSecurity is among the very best software firewalls out there and it can protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting solutions that we provide and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with only a click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites shall feature elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system administrators include in the event that they detect a new kind of attacks. In this way, the websites that you host here shall be a lot more protected without any action expected on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans that we offer come with ModSecurity and since the firewall is switched on by default, any site that you create under a domain or a subdomain will be protected straight away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or switch on a detection mode. With the last mentioned, ModSecurity will not take any action, but it will still detect possible attacks and will keep all data in a log as if it were 100% active. The logs could be found within the very same section of the CP and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we use on our machines are a mix of commercial ones from a security firm and custom ones made by our system administrators. As a result, we offer higher security for your web apps as we can defend them from attacks even before security businesses release updates for brand new threats.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there shall not be anything special that you will have to do to protect your websites. It shall take you only a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any actions to prevent intrusions. You shall be able to look at the logs created in passive or active mode from the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, and so forth. We employ a combination of commercial and custom rules in order to make certain that ModSecurity shall prevent as many risks as possible, thus boosting the protection of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it as it's switched on by default each time you add a new domain or subdomain on your web server. If it disrupts some of your programs, you will be able to stop it via the respective area of Hepsia, or you can leave it in passive mode, so it will recognize attacks and will still maintain a log for them, but shall not prevent them. You can look at the logs later to determine what you can do to improve the protection of your Internet sites as you'll find info such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity responded, and so forth. The rules we employ are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our admins also add custom rules occasionally in order to respond to any new threats they have discovered.