ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and if it identifies an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the website visitors than any server does, so you will manage to keep track of what's going on with your Internet sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it recognizes if anyone is attempting to log in to the admin area of a particular script several times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the firewall hinders the attempts right away, and then records comprehensive info about them inside its logs. ModSecurity is among the most effective software firewalls out there and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting packages, so your Internet applications shall be resistant to harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you will be able to stop it through the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll discover within Hepsia are very detailed and feature data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so on. We employ a group of commercial rules that are frequently updated, but sometimes our admins include custom rules as well in order to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
Any web application that you set up inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area within Hepsia where not only can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall will not stop anything, but it will still maintain a record of potential attacks. This takes just a click and you'll be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall uses 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our admins update personally in order to respond to recently discovered risks as soon as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it as it is activated by default each time you add a new domain or subdomain on your web server. In the event that it interferes with some of your apps, you shall be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it will detect attacks and shall still keep a log for them, but won't block them. You may look at the logs later to learn what you can do to improve the security of your websites as you will find info such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, etc. The rules we employ are commercial, hence they are regularly updated by a security company, but to be on the safe side, our administrators also include custom rules from time to time in order to deal with any new threats they have found.