ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and if it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the website visitors than any server does, so you shall be able to keep track of what is going on with your Internet sites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it detects if somebody is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall software blocks the attempts immediately, and then records comprehensive details about them in its logs. ModSecurity is one of the most effective software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Hosting
ModSecurity is supplied with all hosting web servers, so when you decide to host your Internet sites with our organization, they shall be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs via your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our customers' Internet sites seriously, we employ a selection of commercial rules that we take from one of the leading companies which maintain this kind of rules. Our administrators also include custom rules to make sure that your sites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans which we offer include ModSecurity and because the firewall is enabled by default, any site you set up under a domain or a subdomain will be protected right away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still recognize possible attacks and will keep all data in a log as if it were fully active. The logs can be found inside the same section of the CP and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules which we use on our web servers are a mix between commercial ones from a security firm and custom ones developed by our system administrators. As a result, we provide greater security for your web applications as we can protect them from attacks before security businesses release updates for brand new threats.
ModSecurity in VPS Servers
Safety is of the utmost importance to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia CP by default. The firewall could be managed via a dedicated section inside Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything manually. You shall also be able to disable it or switch on the so-called detection mode, so it shall maintain a log of potential attacks that you can later analyze, but shall not stop them. The logs in both passive and active modes offer information regarding the type of the attack and how it was eliminated, what IP it originated from and other valuable info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. In addition to the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules since from time to time we find specific attacks that are not yet present within the commercial group. That way, we can easily boost the protection of your Virtual private server right away as opposed to awaiting a certified update.
ModSecurity in Dedicated Servers
If you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected right away because ModSecurity is supplied with all Hepsia-based packages. You will be able to regulate the firewall with ease and if needed, you'll be able to turn it off or enable its passive mode when it will only keep a log of what is occurring without taking any action to prevent potential attacks. The logs that you can find within the exact same section of the Control Panel are extremely detailed and contain data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This information shall permit you to take measures and enhance the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins include whenever they identify attacks which haven't yet been included within the commercial pack.