ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the site visitors than any web server does, so you shall be able to monitor what is happening with your websites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it detects if someone is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall software blocks the attempts immediately, after that records detailed information about them within its logs. ModSecurity is amongst the best software firewalls on the market and it can easily protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
ModSecurity is available with each and every shared hosting solution that we provide and it's switched on by default for any domain or subdomain which you add via your Hepsia Control Panel. If it interferes with any of your programs or you would like to disable it for any reason, you shall be able to achieve that through the ModSecurity area of Hepsia with just a click. You could also use a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You'll be able to view detailed logs in the same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For max security of our clients we use a collection of commercial firewall rules mixed with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans that we offer come with ModSecurity and because the firewall is switched on by default, any Internet site which you create under a domain or a subdomain will be secured immediately. An independent section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity won't take any action, but it shall still recognize possible attacks and shall keep all info within a log as if it were 100% active. The logs can be found inside the same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules which we use on our web servers are a mix between commercial ones from a security firm and custom ones developed by our system admins. Therefore, we provide increased security for your web apps as we can defend them from attacks before security companies release updates for brand new threats.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web programs shall be protected from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you could deactivate it with a mouse click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to stop them. The logs can be found within the same section and include information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For optimum security, we employ not just commercial rules from a business working in the field of web security, but also custom ones which our administrators add personally so as to react to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the server. In the event that a web app doesn't work properly, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any potential attack which may happen, but won't take any action to prevent it. The logs created in active or passive mode will give you additional details about the exact file that was attacked, the form of the attack and the IP address it came from, etcetera. This data will allow you to determine what actions you can take to improve the safety of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial bundle from a third-party security enterprise we work with, but sometimes our staff add their own rules as well in the event that they come across a new potential threat.