ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the site visitors than any server does, so you will manage to keep track of what's happening with your websites better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies whether somebody is trying to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these situations these attempts set off the corresponding rules and the software blocks the attempts right away, after that records in-depth information about them inside its logs. ModSecurity is amongst the most effective software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Hosting
ModSecurity can be found with each hosting solution that we offer and it is activated by default for any domain or subdomain which you include through your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for any reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with simply a mouse click. You can also activate a passive mode, so the firewall will identify potential attacks and maintain a log, but shall not take any action. You could view extensive logs in the exact same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a set of commercial firewall rules blended with custom ones that are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web program which you install in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area in Hepsia where not only can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall shall not stop anything, but it will still keep a record of possible attacks. This normally requires just a click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etcetera. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one which our administrators update manually as to respond to newly discovered risks as quickly as possible.
ModSecurity in VPS Web Hosting
ModSecurity comes with all Hepsia-based virtual private servers that we offer and it'll be turned on automatically for any new domain or subdomain which you add on the web server. That way, any web app that you install will be protected right from the start without doing anything personally on your end. The firewall can be managed from the section of the Control Panel which has the same name. This is the location in whichyou can switch off ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still maintain a comprehensive log. The recorded information is available inside the same section as well and you'll be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we use on our servers are a mix between commercial ones we obtain from a security organization and custom ones which are included by our administrators to maximize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers Hosting
All of our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install will be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you will see in the logs can easily enable you to to secure your websites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this data, you could see if a site needs an update, whether you ought to block IPs from accessing your web server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well every time they come across a new threat that's not yet in the commercial bundle.