ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and when it detects an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you'll manage to monitor what is happening with your websites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it detects if someone is trying to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the software blocks the attempts immediately, and then records comprehensive information about them within its logs. ModSecurity is one of the most effective software firewalls available and it can easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Cloud Web Hosting
ModSecurity can be found with each and every cloud web hosting
package which we offer and it's activated by default for any domain or subdomain that you add through your Hepsia CP. In the event that it disrupts any of your apps or you'd like to disable it for any reason, you will be able to do that through the ModSecurity area of Hepsia with just a click. You could also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but shall not take any action. You can view detailed logs in the exact same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum security of our customers we use a group of commercial firewall rules combined with custom ones which are included by our system admins.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity by default inside all semi-dedicated hosting
products, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will allow you to enable or disable the firewall for any website with a mouse click. You shall also have the ability to switch on a passive detection mode in which ModSecurity shall keep a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack generated, where it came from, and so on. The list of rules which we employ is constantly updated as to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our administrators add in case they find a threat that's not present in the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity comes with all Hepsia-based virtual private servers
we offer and it shall be activated automatically for any new domain or subdomain which you include on the hosting server. That way, any web application you install shall be protected right away without doing anything manually on your end. The firewall can be managed through the section of the Control Panel that bears the same name. This is the location in whichyou can turn off ModSecurity or activate its passive mode, so it won't take any action towards threats, but shall still maintain a thorough log. The recorded data is available within the same area as well and you'll be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we employ on our servers are a mixture between commercial ones that we get from a security firm and custom ones that are included by our staff to enhance the protection of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
When you choose to host your websites on a dedicated server
with the Hepsia Control Panel, your web applications shall be protected straight away because ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall without difficulty and if needed, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what is taking place without taking any action to stop potential attacks. The logs that you can find inside the exact same section of the Control Panel are quite detailed and contain info about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This information will allow you to take measures and boost the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include when they identify attacks which have not yet been included in the commercial pack.