ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the traffic than any server does, so you will manage to monitor what's going on with your sites better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether anyone is attempting to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a certain command. In such situations these attempts set off the corresponding rules and the software blocks the attempts immediately, then records detailed details about them in its logs. ModSecurity is among the best software firewalls on the market and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Web Hosting
We provide ModSecurity with all cloud web hosting
packages, so your Internet applications will be protected against harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find inside Hepsia are quite detailed and include info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etc. We use a range of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
packages and if you decide to host your sites with our company, there won't be anything special you'll have to do since the firewall is activated by default for all domains and subdomains that you include through your hosting CP. If required, you can disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall will still operate and record data, but won't do anything to stop possible attacks against your websites. In depth logs shall be accessible in your CP and you shall be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We employ 2 kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our administrators sometimes add to respond to newly identified threats promptly.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are offered with the Hepsia hosting Control Panel, so your web programs shall be protected from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you can disable it with a click through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the exact same section and provide info about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we use not simply commercial rules from a business working in the field of web security, but also custom ones which our admins add manually so as to react to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
All our dedicated servers
which are installed with the Hepsia hosting CP include ModSecurity, so any app that you upload or set up will be secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily allow you to to secure your websites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, etc. With this data, you'll be able to see whether a site needs an update, whether you should block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well when they discover a new threat that's not yet included in the commercial bundle.