ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the traffic than any web server does, so you'll manage to keep track of what is happening with your sites better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it detects whether someone is attempting to log in to the administration area of a given script several times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the firewall software blocks the attempts instantly, after that records in-depth details about them in its logs. ModSecurity is amongst the most effective software firewalls out there and it could easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Hosting
We provide ModSecurity with all hosting solutions, so your web applications shall be resistant to destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find within Hepsia are very detailed and include info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etcetera. We employ a group of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server plans and if you choose to host your websites with our company, there won't be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains that you add using your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still work and record info, but shall not do anything to prevent potential attacks against your Internet sites. In depth logs will be available inside your Control Panel and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We use two kinds of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones which our administrators occasionally add to respond to newly discovered threats promptly.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be switched on automatically for any new domain or subdomain which you add on the web server. In this way, any web application which you install shall be protected from the very beginning without doing anything by hand on your end. The firewall could be managed through the section of the Control Panel which has the same name. This is the location in whichyou'll be able to disable ModSecurity or let its passive mode, so it shall not take any action toward threats, but shall still keep a comprehensive log. The recorded info is available in the same section as well and you'll be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we employ on our servers are a mixture between commercial ones which we obtain from a security organization and custom ones which are included by our admins to improve the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
When you decide to host your websites on a dedicated server with the Hepsia CP, your web applications will be protected right away as ModSecurity is available with all Hepsia-based packages. You'll be able to manage the firewall with ease and if needed, you shall be able to turn it off or switch on its passive mode when it'll only keep a log of what's taking place without taking any action to prevent potential attacks. The logs that you can find within the very same section of the Control Panel are extremely detailed and contain info about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This info will allow you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our admins include when they recognize attacks which have not yet been included in the commercial pack.