ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the traffic than any server does, so you will manage to keep an eye on what is going on with your sites better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes if anyone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the software hinders the attempts instantly, and then records detailed info about them in its logs. ModSecurity is amongst the most effective software firewalls out there and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Shared Hosting
ModSecurity is offered with each and every shared hosting
plan which we offer and it's turned on by default for every domain or subdomain that you include through your Hepsia Control Panel. If it disrupts any of your programs or you'd like to disable it for any reason, you shall be able to do that through the ModSecurity section of Hepsia with only a click. You could also enable a passive mode, so the firewall will identify possible attacks and keep a log, but shall not take any action. You'll be able to see extensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For maximum safety of our customers we use a collection of commercial firewall rules combined with custom ones that are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web application that you install in your new semi-dedicated hosting
account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area in Hepsia where not simply could you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall will not stop anything, but it shall still keep an archive of possible attacks. This takes simply a click and you shall be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually in order to respond to recently discovered threats immediately.
ModSecurity in VPS
All virtual private servers
that are offered with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there shall not be anything special that you will have to do to protect your sites. It shall take you just a click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any measures to stop intrusions. You will be able to see the logs generated in passive or active mode through the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to deal with it, etcetera. We employ a combination of commercial and custom rules so as to make sure that ModSecurity shall block as many risks as possible, thus improving the security of your web programs as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers
which are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it as it's turned on by default every time you add a new domain or subdomain on your server. In case it interferes with any of your apps, you'll be able to stop it via the respective part of Hepsia, or you may leave it working in passive mode, so it'll identify attacks and will still maintain a log for them, but won't stop them. You can analyze the logs later to find out what you can do to boost the safety of your Internet sites as you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity responded, etc. The rules we employ are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our admins also include custom rules from time to time in order to react to any new threats they have discovered.