ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more thorough log for the site visitors than any server does, so you'll be able to monitor what's going on with your Internet sites better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies if somebody is trying to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, then records in-depth information about them within its logs. ModSecurity is amongst the most effective software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Shared Website Hosting
ModSecurity comes standard with all shared website hosting
packages which we offer and it'll be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can switch on and disable it with just a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites shall contain in-depth info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are regularly updated and comprise of both commercial ones which we get from a third-party security business and custom ones that our system administrators include in the event that they detect a new type of attacks. That way, the sites which you host here shall be a lot more protected without any action needed on your end.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity by default within all semi-dedicated hosting
packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to switch on or disable the firewall for any website with a mouse click. You will also have the ability to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules which we use is frequently updated as to match any new threats that might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones which our administrators add in case they find a threat that's not present within the commercial list yet.
ModSecurity in VPS Hosting
Protection is essential to us, so we set up ModSecurity on all virtual private servers
which are made available with the Hepsia CP by default. The firewall could be managed via a dedicated section within Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you won't have to do anything manually. You'll also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of possible attacks that you can later examine, but won't stop them. The logs in both passive and active modes offer info regarding the kind of the attack and how it was eliminated, what IP address it came from and other useful info that may help you to tighten the security of your websites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules since from time to time we detect specific attacks that are not yet present within the commercial package. That way, we could increase the security of your Virtual private server immediately instead of waiting for an official update.
ModSecurity in Dedicated Web Hosting
All our dedicated servers
which are set up with the Hepsia hosting CP include ModSecurity, so any app which you upload or set up will be protected from the very beginning and you will not have to stress about common attacks or vulnerabilities. A separate section inside Hepsia will enable you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you shall see in the logs can easily help you to secure your sites better - the IP address an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you could see if a site needs an update, whether you ought to block IPs from accessing your hosting server, etcetera. In addition to the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well every time they come across a new threat that is not yet included in the commercial bundle.