ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the traffic than any server does, so you will manage to monitor what's going on with your websites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies if somebody is attempting to log in to the admin area of a given script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall blocks the attempts instantly, after that records in-depth information about them in its logs. ModSecurity is one of the best software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.
ModSecurity in Hosting
ModSecurity is offered with every single hosting package that we provide and it is activated by default for any domain or subdomain that you add via your Hepsia CP. In case it disrupts any of your programs or you'd like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with simply a click. You can also use a passive mode, so the firewall will recognize possible attacks and maintain a log, but won't take any action. You can see detailed logs in the very same section, including the IP address where the attack came from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For max safety of our clients we use a collection of commercial firewall rules combined with custom ones that are included by our system admins.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity by default within all semi-dedicated hosting products, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall allow you to enable or disable the firewall for any website with a mouse click. You will also have the ability to switch on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack generated, where it originated from, etcetera. The list of rules that we use is frequently updated as to match any new risks which may appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they discover a threat that is not present in the commercial list yet.
ModSecurity in VPS Web Hosting
Safety is very important to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not need to do anything manually. You will also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of possible attacks which you can later examine, but shall not block them. The logs in both passive and active modes include information about the form of the attack and how it was prevented, what IP it originated from and other valuable information which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also use our own rules since occasionally we identify specific attacks that are not yet present in the commercial group. That way, we can easily improve the protection of your VPS promptly instead of awaiting an official update.
ModSecurity in Dedicated Servers Hosting
ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you won't have to do anything specific on your end to use it because it's turned on by default whenever you include a new domain or subdomain on your web server. In the event that it disrupts some of your apps, you shall be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it'll detect attacks and will still maintain a log for them, but shall not block them. You may look at the logs later to find out what you can do to boost the protection of your sites as you shall find details such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules that we use are commercial, therefore they are frequently updated by a security company, but to be on the safe side, our staff also add custom rules once in a while as to deal with any new threats they have found.