ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it detects an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the traffic than any server does, so you shall manage to keep an eye on what's going on with your websites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies if somebody is attempting to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, and then records detailed details about them inside its logs. ModSecurity is amongst the best software firewalls out there and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Shared Hosting
ModSecurity is available on all shared hosting machines, so when you choose to host your Internet sites with our organization, they'll be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you will have to do on your end. You shall be able to stop ModSecurity for any site if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view detailed logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the protection of our clients' sites very seriously, we use a collection of commercial rules that we get from one of the leading companies which maintain this sort of rules. Our administrators also include custom rules to make certain that your Internet sites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard within all semi-dedicated server products, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any site with a mouse click. You shall also be able to turn on a passive detection mode through which ModSecurity will keep a log of potential attacks without actually stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so on. The list of rules that we use is frequently updated as to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones which our admins add in the event that they discover a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are offered with the Hepsia CP come with ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there shall not be anything special which you'll need to do to protect your sites. It'll take you only a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any steps to prevent intrusions. You shall be able to see the logs created in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to take care of it, and so on. We employ a combination of commercial and custom rules so as to make certain that ModSecurity will block as many threats as possible, thus improving the protection of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In case that a web app does not operate correctly, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack that could happen, but shall not take any action to prevent it. The logs generated in active or passive mode will provide you with additional details about the exact file that was attacked, the form of the attack and the IP it came from, etcetera. This data shall allow you to choose what actions you can take to enhance the safety of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial bundle from a third-party security firm we work with, but sometimes our staff add their own rules also when they come across a new potential threat.