ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and when it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more comprehensive log for the website visitors than any web server does, so you will be able to keep an eye on what is going on with your sites a lot better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it stops attacks. For instance, it identifies if anyone is trying to log in to the admin area of a specific script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall hinders the attempts immediately, and then records comprehensive information about them within its logs. ModSecurity is one of the very best software firewalls out there and it can protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Hosting
ModSecurity can be found with each and every hosting solution which we offer and it's turned on by default for every domain or subdomain that you add through your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for whatever reason, you will be able to do that through the ModSecurity section of Hepsia with merely a click. You may also activate a passive mode, so the firewall will identify potential attacks and keep a log, but will not take any action. You'll be able to see comprehensive logs in the same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max protection of our clients we use a set of commercial firewall rules blended with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity by default in all semi-dedicated server packages, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to activate or disable the firewall for any Internet site with a mouse click. You shall also have the ability to switch on a passive detection mode in which ModSecurity will keep a log of potential attacks without actually preventing them. The detailed logs contain the nature of the attack and what ModSecurity response that attack generated, where it came from, etc. The list of rules which we use is constantly updated in order to match any new risks which could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our administrators add in the event that they find a threat which is not present within the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are set up with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the web server, so there will not be anything special which you will have to do to protect your Internet sites. It will take you just a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any actions to stop intrusions. You'll be able to see the logs created in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to deal with it, etc. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity shall prevent as many threats as possible, consequently boosting the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are set up with our Hepsia CP and you will not need to do anything specific on your end to use it because it is switched on by default whenever you include a new domain or subdomain on your web server. In the event that it interferes with some of your apps, you will be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and shall still maintain a log for them, but will not block them. You may look at the logs later to determine what you can do to enhance the protection of your websites as you shall find information such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, and so on. The rules we use are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our administrators also add custom rules from time to time in order to react to any new threats they have found.