ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the website visitors than any web server does, so you shall manage to keep track of what's going on with your Internet sites better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies if somebody is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the software blocks the attempts instantly, and then records detailed info about them within its logs. ModSecurity is one of the very best software firewalls on the market and it can protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
ModSecurity in Cloud Web Hosting
ModSecurity is offered with each and every cloud web hosting
solution which we provide and it's activated by default for every domain or subdomain which you add through your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with just a mouse click. You may also enable a passive mode, so the firewall will discover possible attacks and maintain a log, but shall not take any action. You can view detailed logs in the same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For maximum protection of our clients we use a set of commercial firewall rules combined with custom ones which are added by our system administrators.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity as a standard within all semi-dedicated hosting
packages, so your web applications will be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to enable or disable the firewall for any Internet site with a click. You'll also have the ability to switch on a passive detection mode through which ModSecurity will maintain a log of possible attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response that attack caused, where it came from, etcetera. The list of rules we employ is regularly updated in order to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones which our administrators include if they find a threat that's not present inside the commercial list yet.
ModSecurity in VPS Web Hosting
Protection is of the utmost importance to us, so we install ModSecurity on all virtual private servers
which are provided with the Hepsia CP by default. The firewall could be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you won't have to do anything by hand. You will also be able to disable it or turn on the so-called detection mode, so it'll keep a log of possible attacks that you can later analyze, but will not prevent them. The logs in both passive and active modes offer info about the type of the attack and how it was eliminated, what IP it came from and other useful info that might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also implement our own rules since occasionally we detect specific attacks that are not yet present in the commercial group. That way, we can boost the protection of your Virtual private server instantly instead of awaiting an official update.
ModSecurity in Dedicated Servers Hosting
When you choose to host your sites on a dedicated server
with the Hepsia Control Panel, your web applications will be secured right from the start since ModSecurity is available with all Hepsia-based solutions. You will be able to regulate the firewall without difficulty and if necessary, you shall be able to turn it off or activate its passive mode when it shall only maintain a log of what is going on without taking any action to stop potential attacks. The logs that you can find in the very same section of the CP are incredibly detailed and feature data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so on. This information will permit you to take measures and enhance the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators add every time they recognize attacks which have not yet been included in the commercial pack.