ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and in case it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the website visitors than any server does, so you will be able to monitor what's happening with your Internet sites better than if you rely only on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes if anyone is trying to log in to the admin area of a given script several times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall blocks the attempts right away, then records detailed information about them within its logs. ModSecurity is among the best software firewalls available and it can easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Cloud Hosting
ModSecurity is offered with each and every cloud hosting plan that we provide and it is activated by default for every domain or subdomain that you include through your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for whatever reason, you'll be able to achieve that through the ModSecurity area of Hepsia with simply a click. You could also enable a passive mode, so the firewall will discover potential attacks and maintain a log, but will not take any action. You can see detailed logs in the exact same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so on. For max safety of our customers we use a set of commercial firewall rules mixed with custom ones which are added by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer include ModSecurity and given that the firewall is switched on by default, any site you set up under a domain or a subdomain shall be protected right from the start. An independent section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to start and stop the firewall for any site or enable a detection mode. With the last option, ModSecurity won't take any action, but it shall still identify possible attacks and will keep all information in a log as if it were 100% active. The logs could be found within the very same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we use on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. Consequently, we provide higher security for your web programs as we can protect them from attacks before security firms release updates for new threats.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. In case that a web app doesn't operate correctly, you can either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack that might take place, but shall not take any action to prevent it. The logs created in active or passive mode shall provide you with more details about the exact file which was attacked, the form of the attack and the IP it came from, and so on. This data will enable you to decide what actions you can take to boost the safety of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security firm we work with, but sometimes our staff include their own rules as well in the event that they discover a new potential threat.