ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you will be able to keep track of what's happening with your websites better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it detects if anyone is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a certain command. In these instances these attempts set off the corresponding rules and the firewall program hinders the attempts in real time, and then records comprehensive info about them inside its logs. ModSecurity is one of the most effective software firewalls out there and it could easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting plans, so your web apps shall be protected against harmful attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you shall be able to stop it using the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you will find in Hepsia are quite detailed and feature data about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so forth. We employ a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web program which you set up within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain which you add or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall will not block anything, but it will still keep a record of potential attacks. This normally requires simply a mouse click and you'll be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall employs 2 groups of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually as to respond to recently discovered risks as fast as possible.
ModSecurity in VPS
All virtual private servers that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the server, so there shall not be anything special which you will have to do to protect your sites. It'll take you a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any steps to prevent intrusions. You'll be able to look at the logs generated in passive or active mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to handle it, etc. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity will prevent as many threats as possible, thus increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to use it since it is switched on by default each time you include a new domain or subdomain on your hosting server. If it interferes with some of your apps, you'll be able to stop it through the respective part of Hepsia, or you can leave it operating in passive mode, so it shall recognize attacks and shall still keep a log for them, but shall not block them. You may analyze the logs later to find out what you can do to enhance the security of your Internet sites since you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules we employ are commercial, thus they are regularly updated by a security firm, but to be on the safe side, our staff also include custom rules every now and then as to react to any new threats they have identified.