ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the website visitors than any server does, so you shall be able to keep an eye on what is happening with your websites much better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether someone is attempting to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, after that records in-depth details about them within its logs. ModSecurity is amongst the very best software firewalls available and it can protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Shared Web Hosting
ModSecurity is available with each and every shared web hosting plan that we offer and it is activated by default for any domain or subdomain which you add via your Hepsia Control Panel. In case it interferes with any of your programs or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with merely a click. You can also enable a passive mode, so the firewall will detect potential attacks and keep a log, but shall not take any action. You'll be able to see detailed logs in the exact same section, including the IP address where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For maximum protection of our customers we use a group of commercial firewall rules combined with custom ones that are added by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you decide to host your Internet sites with us, there will not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains which you include via your hosting CP. If necessary, you could disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall shall still function and record information, but won't do anything to stop potential attacks on your websites. Comprehensive logs will be available in your Control Panel and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so forth. We use two types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones which our administrators occasionally include to respond to newly found threats in a timely manner.
ModSecurity in Dedicated Servers
If you decide to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps will be secured straight away as ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall easily and if necessary, you'll be able to turn it off or enable its passive mode when it will only keep a log of what is happening without taking any action to stop potential attacks. The logs that you can find in the exact same section of the Control Panel are really detailed and feature info about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This data shall allow you to take measures and enhance the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators include every time they recognize attacks which haven't yet been included inside the commercial pack.