ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the site visitors than any server does, so you'll manage to keep track of what's happening with your Internet sites much better than if you rely simply on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it detects whether anyone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, and then records comprehensive information about them inside its logs. ModSecurity is among the very best software firewalls available and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
ModSecurity in Website Hosting
We provide ModSecurity with all website hosting
plans, so your Internet apps shall be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you'll be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will discover within Hepsia are very detailed and offer info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We use a group of commercial rules that are frequently updated, but sometimes our administrators include custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity by default in all semi-dedicated hosting
products, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any site with a mouse click. You shall also be able to turn on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etc. The list of rules that we use is regularly updated as to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones which our admins include if they discover a threat that's not present in the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered by default with all dedicated servers
which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the hosting server. In case that a web application does not operate properly, you may either turn off the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any possible attack which could take place, but will not take any action to stop it. The logs generated in passive or active mode shall offer you more details about the exact file which was attacked, the form of the attack and the IP address it originated from, etc. This info shall enable you to determine what actions you can take to enhance the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated often with a commercial bundle from a third-party security enterprise we work with, but oftentimes our staff include their own rules as well in case they identify a new potential threat.