ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall also maintains a more detailed log for the site visitors than any server does, so you shall be able to monitor what's happening with your sites a lot better than if you rely simply on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it recognizes whether someone is attempting to log in to the administrator area of a specific script a number of times or if a request is sent to execute a file with a particular command. In these instances these attempts set off the corresponding rules and the firewall blocks the attempts immediately, and then records comprehensive info about them within its logs. ModSecurity is amongst the very best software firewalls out there and it could easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Hosting
ModSecurity is available with every hosting package which we provide and it is turned on by default for every domain or subdomain which you add through your Hepsia CP. In the event that it disrupts any of your programs or you would like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with only a mouse click. You could also enable a passive mode, so the firewall will detect potential attacks and maintain a log, but will not take any action. You could view comprehensive logs in the exact same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so on. For max security of our customers we use a group of commercial firewall rules combined with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
Any web program you install within your new semi-dedicated server account shall be protected by ModSecurity since the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain which you add or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area in Hepsia where not simply could you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not block anything, but it shall still keep an archive of potential attacks. This requires just a click and you will be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our admins update personally as to respond to newly discovered risks at the earliest opportunity.
ModSecurity in VPS Servers
Safety is extremely important to us, so we set up ModSecurity on all VPS servers that are made available with the Hepsia Control Panel as a standard. The firewall could be managed via a dedicated section in Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you will not have to do anything by hand. You'll also be able to disable it or activate the so-called detection mode, so it will keep a log of potential attacks which you can later analyze, but will not block them. The logs in both passive and active modes include info about the type of the attack and how it was stopped, what IP address it originated from and other useful information that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security firm, we also implement our own rules as once in a while we detect specific attacks which are not yet present in the commercial group. This way, we could improve the security of your VPS immediately as opposed to waiting for an official update.
ModSecurity in Dedicated Servers
All our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any app you upload or install shall be properly secured from the very beginning and you'll not need to worry about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you will discover in the logs shall allow you to to secure your websites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you can see if a site needs an update, if you need to block IPs from accessing your hosting server, etc. On top of the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well every time they find a new threat which is not yet in the commercial bundle.