ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the site visitors than any web server does, so you shall manage to monitor what is happening with your sites better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it identifies whether somebody is trying to log in to the administrator area of a given script several times or if a request is sent to execute a file with a specific command. In such instances these attempts trigger the corresponding rules and the firewall hinders the attempts instantly, and then records in-depth info about them in its logs. ModSecurity is amongst the most effective software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins often.
ModSecurity in Shared Hosting
ModSecurity is available with every shared hosting
package that we offer and it is switched on by default for every domain or subdomain which you include via your Hepsia CP. In case it disrupts any of your programs or you'd like to disable it for whatever reason, you will be able to do that through the ModSecurity section of Hepsia with simply a click. You can also use a passive mode, so the firewall will discover potential attacks and keep a log, but shall not take any action. You could view comprehensive logs in the same section, including the IP address where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum protection of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity by default in all semi-dedicated hosting
plans, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to enable or disable the firewall for any website with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity will keep a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack triggered, where it came from, etc. The list of rules we employ is regularly updated as to match any new threats that could appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our administrators add if they find a threat that is not present within the commercial list yet.
ModSecurity in VPS Hosting
All virtual private servers
which are offered with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there shall not be anything special which you shall have to do to protect your websites. It will take you a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You'll be able to look at the logs generated in passive or active mode through the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to deal with it, etc. We use a combination of commercial and custom rules so as to make certain that ModSecurity will block as many threats as possible, therefore enhancing the protection of your web applications as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered by default with all dedicated servers
which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. Just in case that a web app does not operate adequately, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any potential attack which could take place, but shall not take any action to stop it. The logs generated in passive or active mode will provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it originated from, etcetera. This info will permit you to choose what steps you can take to increase the protection of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated often with a commercial package from a third-party security company we work with, but from time to time our staff include their own rules also if they identify a new potential threat.