ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the traffic than any web server does, so you will be able to keep an eye on what is going on with your websites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies if somebody is attempting to log in to the admin area of a given script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, after that records in-depth information about them within its logs. ModSecurity is one of the very best software firewalls out there and it can protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Cloud Website Hosting
ModSecurity can be found with each and every cloud website hosting solution which we offer and it is turned on by default for every domain or subdomain which you add through your Hepsia CP. In the event that it disrupts any of your applications or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with just a mouse click. You could also enable a passive mode, so the firewall will detect possible attacks and maintain a log, but won't take any action. You'll be able to see extensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum safety of our clients we use a group of commercial firewall rules blended with custom ones that are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer include ModSecurity and since the firewall is enabled by default, any website you create under a domain or a subdomain shall be protected right from the start. An individual section inside the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity will not take any action, but it'll still identify possible attacks and will keep all data in a log as if it were 100% active. The logs can be found in the same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we use on our machines are a mix of commercial ones from a security firm and custom ones made by our system admins. Consequently, we offer increased security for your web apps as we can shield them from attacks even before security corporations release updates for new threats.
ModSecurity in VPS Hosting
ModSecurity comes with all Hepsia-based virtual private servers that we offer and it shall be turned on automatically for any new domain or subdomain which you add on the hosting server. This way, any web application that you install will be protected from the very beginning without doing anything by hand on your end. The firewall can be managed via the section of the Control Panel which has the same name. This is the area in whichyou can switch off ModSecurity or activate its passive mode, so it shall not take any action towards threats, but shall still keep a comprehensive log. The recorded information is available in the same area as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we employ on our servers are a combination between commercial ones that we get from a security organization and custom ones which are included by our administrators to improve the protection of any web apps hosted on our end.
ModSecurity in Dedicated Web Hosting
When you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps shall be protected right away since ModSecurity is available with all Hepsia-based solutions. You will be able to regulate the firewall easily and if necessary, you shall be able to turn it off or switch on its passive mode when it'll only maintain a log of what's going on without taking any action to prevent potential attacks. The logs which you will find in the same section of the Control Panel are extremely detailed and contain information about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so forth. This information will enable you to take measures and increase the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff add whenever they identify attacks which haven't yet been included in the commercial pack.