ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall also maintains a more thorough log for the website visitors than any web server does, so you shall be able to keep track of what's going on with your websites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it recognizes if somebody is attempting to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records in-depth details about them in its logs. ModSecurity is amongst the very best software firewalls on the market and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins often.
ModSecurity in Website Hosting
We offer ModSecurity with all website hosting plans, so your web applications shall be shielded from destructive attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you will find within Hepsia are incredibly detailed and offer data about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, and so forth. We employ a range of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web app that you set up within your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall comes with all our hosting plans and is turned on by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not only can you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall shall not stop anything, but it shall still keep a record of potential attacks. This requires simply a click and you'll be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etcetera. The firewall uses two sets of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update personally in order to respond to recently discovered threats at the earliest opportunity.
ModSecurity in VPS Web Hosting
All virtual private servers that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the web server, so there will not be anything special that you will have to do to protect your sites. It will take you just a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You'll be able to view the logs generated in passive or active mode from the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to take care of it, etcetera. We use a mix of commercial and custom rules so as to ensure that ModSecurity will block as many threats as possible, hence increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. Just in case that a web application does not function adequately, you could either disable the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack which could take place, but shall not take any action to stop it. The logs produced in active or passive mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP it originated from, etc. This info will enable you to choose what measures you can take to boost the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial pack from a third-party security company we work with, but from time to time our staff include their own rules as well in case they find a new potential threat.