ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and in case it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more detailed log for the website visitors than any web server does, so you shall manage to monitor what's going on with your sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if somebody is attempting to log in to the administration area of a specific script several times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the firewall program hinders the attempts in real time, then records in-depth information about them inside its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting solutions which we supply and it'll be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can activate and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your websites will feature in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system administrators add in the event that they detect a new sort of attacks. This way, the websites you host here shall be a lot more protected without any action required on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer come with ModSecurity and because the firewall is enabled by default, any Internet site you build under a domain or a subdomain will be secured straight away. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity shall not take any action, but it'll still recognize possible attacks and shall keep all information within a log as if it were fully active. The logs can be found within the very same section of the CP and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we employ on our servers are a mix between commercial ones from a security company and custom ones made by our system admins. As a result, we offer higher security for your web programs as we can defend them from attacks before security firms release updates for brand new threats.
ModSecurity in VPS Hosting
ModSecurity is provided with all Hepsia-based virtual private servers we offer and it'll be switched on automatically for every new domain or subdomain which you include on the hosting server. This way, any web app that you install shall be secured right from the start without doing anything manually on your end. The firewall may be handled through the section of the Control Panel that bears the same name. This is the location whereyou'll be able to disable ModSecurity or enable its passive mode, so it shall not take any action toward threats, but shall still keep a comprehensive log. The recorded information is available within the same section as well and you shall be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones which we get from a security company and custom ones that are included by our staff to optimize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you will not need to do anything specific on your end to use it as it is activated by default whenever you include a new domain or subdomain on your hosting server. If it interferes with some of your applications, you'll be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it will detect attacks and will still maintain a log for them, but will not stop them. You could look at the logs later to learn what you can do to boost the safety of your Internet sites since you shall find info such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, etc. The rules that we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our administrators also include custom rules every now and then as to react to any new threats they have discovered.