ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and in case it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you shall be able to keep an eye on what's happening with your Internet sites better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects whether anyone is attempting to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the firewall hinders the attempts right away, and then records in-depth information about them within its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting packages, so your Internet applications will be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you will find inside Hepsia are very detailed and offer info about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so on. We employ a group of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you choose to host your sites with our company, there will not be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains that you add via your hosting CP. If necessary, you'll be able to disable ModSecurity for a certain site or activate the so-called detection mode in which case the firewall will still operate and record data, but shall not do anything to prevent possible attacks against your Internet sites. Thorough logs will be readily available within your Control Panel and you'll be able to see what type of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etcetera. We employ 2 types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones that our administrators occasionally include to respond to newly discovered risks on time.
ModSecurity in VPS Servers
Security is extremely important to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section in Hepsia and is activated automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of potential attacks you can later study, but shall not stop them. The logs in both passive and active modes contain information regarding the form of the attack and how it was stopped, what IP it came from and other valuable data which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules that we get for ModSecurity from a third-party security company, we also use our own rules because occasionally we find specific attacks that aren't yet present within the commercial pack. This way, we could boost the security of your VPS in a timely manner as opposed to awaiting a certified update.
ModSecurity in Dedicated Servers
All our dedicated servers that are set up with the Hepsia hosting CP come with ModSecurity, so any program which you upload or install shall be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you will find in the logs can easily help you to secure your websites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this data, you can see if a website needs an update, whether you should block IPs from accessing your hosting server, and so forth. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well whenever they find a new threat that's not yet a part of the commercial bundle.