ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the traffic than any web server does, so you'll be able to keep track of what's happening with your Internet sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it recognizes if somebody is attempting to log in to the administrator area of a particular script several times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall software hinders the attempts immediately, then records comprehensive info about them inside its logs. ModSecurity is among the most effective software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting plans, so your web apps will be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll discover inside Hepsia are very detailed and feature information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We employ a range of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web application which you install inside your new semi-dedicated server account will be protected by ModSecurity as the firewall is included with all our hosting packages and is activated by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area within Hepsia where not simply can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall will not stop anything, but it'll still keep a record of potential attacks. This requires simply a mouse click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update personally in order to respond to recently discovered threats as fast as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web applications will be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to deactivate it with a mouse click from the corresponding section of Hepsia. You may also set it to work in detection mode, so it shall keep a detailed log of any potential attacks without taking any action to prevent them. The logs can be found in the same section and include information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we employ not simply commercial rules from a company working in the field of web security, but also custom ones which our administrators add personally so as to respond to new threats that are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
If you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected straight away because ModSecurity is supplied with all Hepsia-based solutions. You'll be able to regulate the firewall effortlessly and if needed, you'll be able to turn it off or enable its passive mode when it shall only maintain a log of what is happening without taking any action to stop potential attacks. The logs which you'll find inside the very same section of the CP are really detailed and contain details about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This information shall permit you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators include every time they recognize attacks which have not yet been included within the commercial pack.