ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the traffic than any web server does, so you will be able to keep track of what's happening with your websites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects whether somebody is attempting to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these cases these attempts set off the corresponding rules and the firewall software blocks the attempts immediately, and then records comprehensive details about them within its logs. ModSecurity is amongst the very best software firewalls on the market and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting plans, so your Internet apps shall be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover within Hepsia are quite detailed and feature info about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etcetera. We employ a range of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans which we offer feature ModSecurity and since the firewall is enabled by default, any site you build under a domain or a subdomain shall be protected right from the start. A separate section in the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any Internet site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it shall still identify possible attacks and shall keep all information in a log as if it were fully active. The logs could be found within the same section of the Control Panel and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules that we use on our machines are a mix of commercial ones from a security business and custom ones developed by our system admins. As a result, we provide greater security for your web applications as we can defend them from attacks before security firms release updates for completely new threats.
ModSecurity in VPS
All virtual private servers that are set up with the Hepsia Control Panel come with ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the machine, so there will not be anything special which you'll have to do to protect your sites. It shall take you a click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You will be able to look at the logs produced in active or passive mode from the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to tackle it, and so on. We use a mixture of commercial and custom rules so as to make certain that ModSecurity shall block as many risks as possible, therefore increasing the protection of your web apps as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the web server. In the event that a web app doesn't operate correctly, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that may take place, but will not take any action to prevent it. The logs created in active or passive mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etcetera. This data shall permit you to determine what measures you can take to enhance the protection of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial package from a third-party security company we work with, but oftentimes our administrators add their own rules as well in the event that they discover a new potential threat.