ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and if it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the website visitors than any server does, so you'll be able to keep an eye on what is happening with your websites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies whether someone is attempting to log in to the administration area of a given script multiple times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, and then records in-depth information about them within its logs. ModSecurity is one of the most effective software firewalls available and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Hosting
We provide ModSecurity with all hosting plans, so your Internet applications will be protected against harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you will be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall discover within Hepsia are extremely detailed and include data about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so on. We employ a set of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard in all semi-dedicated server plans, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to switch on or disable the firewall for any site with a click. You'll also have the ability to turn on a passive detection mode in which ModSecurity will maintain a log of possible attacks without actually stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack triggered, where it came from, and so on. The list of rules which we employ is frequently updated as to match any new threats which might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our admins include if they find a threat which is not present within the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the web server, so there won't be anything special that you shall have to do to protect your sites. It'll take you a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what happens without taking any steps to stop intrusions. You shall be able to see the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so on. We employ a mixture of commercial and custom rules in order to ensure that ModSecurity shall stop as many risks as possible, hence increasing the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In case that a web app does not work properly, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which might happen, but won't take any action to prevent it. The logs generated in active or passive mode shall offer you additional details about the exact file that was attacked, the form of the attack and the IP it originated from, and so on. This info shall permit you to determine what steps you can take to improve the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial pack from a third-party security firm we work with, but occasionally our staff include their own rules as well in case they discover a new potential threat.