ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and if it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more detailed log for the site visitors than any server does, so you shall be able to monitor what's going on with your Internet sites better than if you rely merely on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it identifies whether anyone is attempting to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a certain command. In such cases these attempts trigger the corresponding rules and the software blocks the attempts instantly, and then records comprehensive info about them inside its logs. ModSecurity is one of the very best software firewalls available and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Website Hosting
ModSecurity can be found with every cloud website hosting plan that we offer and it's activated by default for every domain or subdomain that you add via your Hepsia Control Panel. In case it disrupts any of your programs or you'd like to disable it for any reason, you will be able to achieve that through the ModSecurity section of Hepsia with only a click. You can also activate a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You'll be able to view comprehensive logs in the exact same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For maximum safety of our customers we use a group of commercial firewall rules blended with custom ones that are provided by our system admins.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer come with ModSecurity and since the firewall is switched on by default, any Internet site that you create under a domain or a subdomain shall be protected right away. A separate section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any website or switch on a detection mode. With the latter, ModSecurity shall not take any action, but it shall still recognize possible attacks and shall keep all information inside a log as if it were completely active. The logs could be found in the very same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules that we use on our web servers are a mix between commercial ones from a security business and custom ones created by our system admins. As a result, we offer increased security for your web apps as we can shield them from attacks before security businesses release updates for new threats.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers which we offer and it shall be turned on automatically for every new domain or subdomain you add on the server. That way, any web app that you install shall be protected immediately without doing anything manually on your end. The firewall could be handled from the section of the Control Panel that bears the same name. This is the location in whichyou could disable ModSecurity or activate its passive mode, so it shall not take any action against threats, but will still maintain a comprehensive log. The recorded info is available within the same area as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we employ on our servers are a blend between commercial ones that we obtain from a security firm and custom ones which are added by our staff to maximize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any program that you upload or install shall be protected from the very beginning and you will not need to worry about common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you shall see in the logs can easily help you to secure your Internet sites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, and so on. With this info, you can see if an Internet site needs an update, if you need to block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too every time they find a new threat that is not yet included in the commercial bundle.