ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you shall manage to monitor what's going on with your websites a lot better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies if someone is attempting to log in to the administration area of a given script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall hinders the attempts instantly, and then records comprehensive info about them within its logs. ModSecurity is one of the best software firewalls available and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Website Hosting
ModSecurity comes by default with all website hosting packages that we supply and it shall be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and disable it with simply a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for any of your Internet sites will contain elaborate info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and include both commercial ones we get from a third-party security company and custom ones that our system administrators add in case that they detect a new kind of attacks. In this way, the sites you host here shall be way more protected with no action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server solutions and if you opt to host your sites with us, there will not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains which you include through your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall shall still operate and record data, but will not do anything to stop possible attacks against your Internet sites. Thorough logs shall be accessible inside your CP and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ two types of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones that our administrators often include to respond to newly identified threats on time.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers which we offer and it will be switched on automatically for every new domain or subdomain which you add on the web server. This way, any web app that you install will be protected immediately without doing anything manually on your end. The firewall could be managed through the section of the Control Panel which bears the same name. This is the place whereyou could disable ModSecurity or let its passive mode, so it won't take any action against threats, but will still keep a comprehensive log. The recorded information is available in the same area as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we employ on our servers are a combination between commercial ones that we get from a security company and custom ones that are included by our administrators to enhance the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you'll not have to do anything specific on your end to use it since it is activated by default whenever you add a new domain or subdomain on your web server. If it interferes with any of your programs, you will be able to stop it through the respective area of Hepsia, or you can leave it working in passive mode, so it'll identify attacks and shall still maintain a log for them, but shall not stop them. You'll be able to analyze the logs later to find out what you can do to boost the security of your Internet sites since you will find details such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, and so on. The rules we use are commercial, hence they're constantly updated by a security company, but to be on the safe side, our admins also include custom rules occasionally as to react to any new threats they have found.