ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it discovers an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you shall be able to monitor what's going on with your websites much better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies if anyone is trying to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the firewall hinders the attempts right away, and then records detailed information about them inside its logs. ModSecurity is amongst the very best software firewalls on the market and it could easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting plans, so your web applications shall be protected against destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find within Hepsia are very detailed and offer information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so forth. We employ a range of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting plans and if you opt to host your Internet sites with us, there shall not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains that you add using your hosting CP. If required, you could disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall shall still operate and record info, but shall not do anything to prevent potential attacks on your Internet sites. Detailed logs shall be accessible inside your CP and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We use 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our admins sometimes add to respond to newly found risks promptly.
ModSecurity in Dedicated Hosting
All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any app you upload or install shall be properly secured from the very beginning and you will not need to concern yourself with common attacks or vulnerabilities. An independent section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you shall discover in the logs can enable you to to secure your sites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you'll be able to see if an Internet site needs an update, if you should block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too whenever they come across a new threat that's not yet included in the commercial bundle.