ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the traffic than any server does, so you shall manage to monitor what is happening with your sites much better than if you rely only on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it identifies if anyone is trying to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a particular command. In these situations these attempts trigger the corresponding rules and the software hinders the attempts instantly, then records in-depth details about them inside its logs. ModSecurity is one of the most effective software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Website Hosting
We offer ModSecurity with all website hosting solutions, so your Internet apps shall be resistant to malicious attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find in Hepsia are very detailed and include information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etc. We employ a range of commercial rules which are frequently updated, but sometimes our admins add custom rules as well in order to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity as a standard within all semi-dedicated server packages, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to activate or disable the firewall for any site with a mouse click. You'll also be able to turn on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without actually preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so forth. The list of rules that we employ is frequently updated in order to match any new threats that may appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones which our admins include in the event that they find a threat which is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are offered with the Hepsia Control Panel include ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there shall not be anything special which you shall have to do to protect your websites. It will take you only a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You will be able to look at the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to handle it, etcetera. We employ a mix of commercial and custom rules so as to make certain that ModSecurity shall prevent as many threats as possible, thus improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In the event that a web application doesn't function adequately, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any potential attack which may happen, but shall not take any action to stop it. The logs created in passive or active mode will offer you more details about the exact file which was attacked, the form of the attack and the IP address it originated from, and so on. This information will enable you to determine what actions you can take to boost the safety of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial bundle from a third-party security enterprise we work with, but occasionally our admins include their own rules too in case they discover a new potential threat.