ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the website visitors than any web server does, so you will be able to keep an eye on what is happening with your sites better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it recognizes if someone is trying to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts set off the corresponding rules and the software blocks the attempts immediately, then records in-depth information about them inside its logs. ModSecurity is one of the very best software firewalls available and it can protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting packages, so your web applications shall be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find inside Hepsia are quite detailed and include info about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etc. We use a range of commercial rules that are often updated, but sometimes our admins include custom rules as well in order to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server solutions and if you decide to host your Internet sites with us, there will not be anything special you will have to do as the firewall is turned on by default for all domains and subdomains you include through your hosting CP. If required, you could disable ModSecurity for a given site or switch on the so-called detection mode in which case the firewall shall still function and record info, but won't do anything to stop potential attacks on your Internet sites. Thorough logs will be readily available in your Control Panel and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We use two types of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones that our admins occasionally include to respond to newly found threats on time.
ModSecurity in VPS Servers
All VPS servers which are offered with the Hepsia Control Panel feature ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there will not be anything special that you'll need to do to protect your websites. It'll take you only a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any steps to prevent intrusions. You'll be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to tackle it, etc. We use a mix of commercial and custom rules in order to ensure that ModSecurity shall stop as many threats as possible, thus improving the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it because it is activated by default every time you add a new domain or subdomain on your hosting server. If it disrupts some of your applications, you shall be able to stop it via the respective section of Hepsia, or you could leave it working in passive mode, so it will recognize attacks and shall still keep a log for them, but won't prevent them. You'll be able to examine the logs later to learn what you can do to increase the safety of your sites as you'll find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules which we use are commercial, thus they are constantly updated by a security firm, but to be on the safe side, our staff also add custom rules once in a while in order to deal with any new threats they have discovered.