ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and if it detects an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the traffic than any server does, so you'll be able to keep an eye on what is happening with your websites better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes whether someone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these instances these attempts set off the corresponding rules and the firewall hinders the attempts in real time, then records in-depth details about them within its logs. ModSecurity is among the most effective software firewalls available and it can protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
ModSecurity comes by default with all shared hosting plans which we provide and it will be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites shall include elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and incorporate both commercial ones which we get from a third-party security company and custom ones that our system administrators include in the event that they detect a new type of attacks. In this way, the sites that you host here will be much more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server solutions and if you decide to host your websites with our company, there won't be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains you include via your hosting CP. If required, you could disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall shall still function and record information, but will not do anything to prevent potential attacks on your websites. Thorough logs shall be accessible inside your Control Panel and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, and so forth. We employ two types of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom ones which our administrators often include to respond to newly identified threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers which we offer and it shall be activated automatically for any new domain or subdomain which you add on the web server. That way, any web app you install will be protected from the very beginning without doing anything personally on your end. The firewall can be handled via the section of the CP that has the same name. This is the place in whichyou can disable ModSecurity or enable its passive mode, so it won't take any action towards threats, but will still maintain a detailed log. The recorded info is available in the same section as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we employ on our servers are a mix between commercial ones which we obtain from a security firm and custom ones that are included by our staff to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web app doesn't work properly, you can either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that could occur, but shall not take any action to stop it. The logs generated in active or passive mode shall give you more details about the exact file which was attacked, the nature of the attack and the IP it came from, and so forth. This data shall permit you to choose what steps you can take to improve the protection of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial package from a third-party security enterprise we work with, but from time to time our administrators include their own rules too when they find a new potential threat.