ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and if it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the site visitors than any web server does, so you will be able to keep track of what is happening with your Internet sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes if somebody is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the firewall blocks the attempts in real time, after that records in-depth details about them within its logs. ModSecurity is one of the most effective software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Web Hosting
ModSecurity comes standard with all web hosting packages that we provide and it shall be activated automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with a mouse click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites shall include in-depth info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are constantly updated and incorporate both commercial ones that we get from a third-party security company and custom ones our system admins add in the event that they detect a new kind of attacks. In this way, the websites which you host here shall be way more secure with no action expected on your end.
ModSecurity in Semi-dedicated Hosting
Any web app which you install within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not only can you activate or deactivate it entirely, but you could also activate a passive mode, so the firewall will not stop anything, but it shall still maintain an archive of potential attacks. This normally requires simply a click and you will be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall uses two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually as to respond to newly discovered risks immediately.
ModSecurity in VPS
Security is extremely important to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia CP by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you won't need to do anything manually. You'll also be able to deactivate it or switch on the so-called detection mode, so it shall maintain a log of potential attacks you can later analyze, but will not stop them. The logs in both passive and active modes contain details about the type of the attack and how it was stopped, what IP address it came from and other useful data which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules because from time to time we detect specific attacks which aren't yet present in the commercial pack. That way, we can increase the protection of your Virtual private server right away rather than waiting for an official update.
ModSecurity in Dedicated Hosting
ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you won't have to do anything specific on your end to use it because it is switched on by default whenever you add a new domain or subdomain on your hosting server. In case it disrupts some of your applications, you shall be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it shall recognize attacks and will still maintain a log for them, but shall not prevent them. You could look at the logs later to find out what you can do to enhance the protection of your sites since you'll find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity responded, and so forth. The rules which we use are commercial, hence they are constantly updated by a security company, but to be on the safe side, our staff also include custom rules once in a while as to deal with any new threats they have found.