ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and if it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you will be able to keep an eye on what is going on with your sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it identifies whether somebody is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the firewall hinders the attempts in real time, after that records in-depth details about them in its logs. ModSecurity is amongst the best software firewalls out there and it can easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
ModSecurity is offered with every shared hosting package which we offer and it is turned on by default for every domain or subdomain that you include through your Hepsia CP. If it interferes with any of your programs or you'd like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with simply a click. You could also enable a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You could view comprehensive logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a collection of commercial firewall rules mixed with custom ones that are added by our system administrators.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there won't be anything special which you'll have to do to protect your websites. It'll take you a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what happens without taking any measures to stop intrusions. You'll be able to view the logs generated in passive or active mode through the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to handle it, etcetera. We use a combination of commercial and custom rules in order to ensure that ModSecurity will block out as many risks as possible, hence improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it as it is activated by default every time you include a new domain or subdomain on your hosting server. In case it interferes with any of your applications, you will be able to stop it via the respective area of Hepsia, or you may leave it in passive mode, so it will detect attacks and shall still keep a log for them, but won't prevent them. You'll be able to analyze the logs later to find out what you can do to boost the safety of your Internet sites as you will find information such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity reacted, and so forth. The rules which we employ are commercial, thus they are frequently updated by a security firm, but to be on the safe side, our staff also add custom rules from time to time as to deal with any new threats they have identified.