ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and if it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the traffic than any server does, so you shall manage to keep track of what is happening with your Internet sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it detects if someone is trying to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a particular command. In these instances these attempts set off the corresponding rules and the firewall software hinders the attempts instantly, then records detailed information about them in its logs. ModSecurity is one of the very best software firewalls out there and it can protect your web apps against many threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
ModSecurity in Semi-dedicated Hosting
Any web application you set up within your new semi-dedicated hosting
account shall be protected by ModSecurity since the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain you add or create through your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area in Hepsia where not only could you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not block anything, but it shall still keep a record of potential attacks. This normally requires just a click and you will be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall uses 2 groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update manually as to respond to newly discovered threats at the earliest opportunity.
ModSecurity in VPS
All virtual private servers
that are set up with the Hepsia CP come with ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there shall not be anything special which you'll have to do to protect your Internet sites. It'll take you a click to stop ModSecurity if needed or to activate its passive mode so that it records what happens without taking any measures to stop intrusions. You shall be able to see the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to deal with it, etcetera. We use a mix of commercial and custom rules so as to make certain that ModSecurity will block as many threats as possible, therefore enhancing the security of your web apps as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers
which are integrated with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it as it's turned on by default each time you include a new domain or subdomain on your web server. If it disrupts some of your programs, you shall be able to stop it through the respective section of Hepsia, or you could leave it working in passive mode, so it'll recognize attacks and shall still keep a log for them, but will not stop them. You'll be able to look at the logs later to find out what you can do to enhance the safety of your websites since you'll find info such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, etc. The rules that we employ are commercial, therefore they're constantly updated by a security firm, but to be on the safe side, our staff also add custom rules every now and then as to respond to any new threats they have discovered.