ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more thorough log for the site visitors than any web server does, so you shall be able to keep an eye on what's going on with your websites better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes if anyone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, and then records comprehensive information about them in its logs. ModSecurity is one of the very best software firewalls available and it can easily protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Hosting
ModSecurity is offered with every hosting plan which we provide and it's activated by default for any domain or subdomain that you include via your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity area of Hepsia with just a mouse click. You could also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You'll be able to see comprehensive logs in the exact same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For maximum safety of our clients we use a set of commercial firewall rules blended with custom ones which are added by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions that we offer include ModSecurity and since the firewall is enabled by default, any site you create under a domain or a subdomain will be protected right away. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to stop and start the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all information in a log as if it were completely active. The logs can be found within the same section of the CP and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules we use on our web servers are a mix between commercial ones from a security firm and custom ones created by our system admins. For that reason, we offer higher security for your web applications as we can shield them from attacks even before security companies release updates for new threats.
ModSecurity in Dedicated Hosting
All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any program which you upload or install shall be properly secured from the very beginning and you will not need to stress about common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you'll find in the logs shall enable you to to secure your Internet sites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this information, you'll be able to see whether a site needs an update, whether you need to block IPs from accessing your hosting server, etc. On top of the third-party commercial security rules for ModSecurity that we use, our admins include custom ones too if they come across a new threat that is not yet in the commercial bundle.