ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and when it identifies an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the website visitors than any server does, so you shall manage to keep an eye on what is happening with your Internet sites much better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it detects if anyone is attempting to log in to the administration area of a particular script several times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall software hinders the attempts immediately, after that records detailed details about them inside its logs. ModSecurity is among the very best software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting packages, so your web apps will be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall discover inside Hepsia are very detailed and include info about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etc. We use a group of commercial rules that are constantly updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server plans and if you opt to host your websites with our company, there won't be anything special you will have to do since the firewall is turned on by default for all domains and subdomains which you include using your hosting CP. If required, you can disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to prevent potential attacks on your Internet sites. In depth logs shall be accessible inside your CP and you will be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We employ 2 sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones that our administrators often add to respond to newly discovered threats promptly.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the server, so there won't be anything special that you will have to do to protect your websites. It'll take you a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You'll be able to see the logs generated in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to tackle it, and so on. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity shall stop as many risks as possible, therefore improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it since it's activated by default whenever you include a new domain or subdomain on your web server. If it disrupts any of your programs, you shall be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it'll identify attacks and will still maintain a log for them, but will not stop them. You may examine the logs later to determine what you can do to improve the safety of your websites since you will find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, hence they're constantly updated by a security provider, but to be on the safe side, our admins also add custom rules occasionally in order to deal with any new threats they have discovered.