ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and when it detects an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the website visitors than any web server does, so you will manage to keep track of what's going on with your sites a lot better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it recognizes whether somebody is attempting to log in to the administrator area of a particular script several times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall program blocks the attempts in real time, then records in-depth details about them within its logs. ModSecurity is among the best software firewalls available and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
ModSecurity is available on all shared hosting web servers, so if you decide to host your websites with our organization, they will be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You will be able to stop ModSecurity for any site if needed, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs from your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our customers' sites very seriously, we use a set of commercial rules that we take from one of the leading firms that maintain such rules. Our admins also add custom rules to ensure that your Internet sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages that we offer come with ModSecurity and because the firewall is switched on by default, any website that you set up under a domain or a subdomain will be protected right from the start. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to start and stop the firewall for any site or enable a detection mode. With the last option, ModSecurity will not take any action, but it shall still recognize possible attacks and shall keep all info within a log as if it were completely active. The logs can be found in the same section of the Control Panel and they include information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we use on our servers are a mix of commercial ones from a security company and custom ones developed by our system admins. For that reason, we offer greater security for your web applications as we can defend them from attacks even before security businesses release updates for completely new threats.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia CP come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there will not be anything special which you'll have to do to protect your websites. It will take you simply a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You'll be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so forth. We use a mix of commercial and custom rules so as to ensure that ModSecurity shall block as many threats as possible, consequently boosting the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web apps shall be secured immediately since ModSecurity is supplied with all Hepsia-based plans. You will be able to control the firewall with ease and if necessary, you'll be able to turn it off or switch on its passive mode when it will only keep a log of what is happening without taking any action to prevent possible attacks. The logs that you will find in the exact same section of the CP are really detailed and contain information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This info will allow you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our administrators include when they detect attacks that have not yet been included inside the commercial pack.