ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and when it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the website visitors than any web server does, so you'll be able to monitor what's happening with your websites a lot better than if you rely merely on standard logs. ModSecurity works with security rules based on which it prevents attacks. For example, it identifies if anyone is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the firewall software blocks the attempts right away, and then records comprehensive information about them inside its logs. ModSecurity is one of the very best software firewalls out there and it could easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Shared Website Hosting
ModSecurity comes by default with all shared website hosting plans which we provide and it'll be turned on automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and deactivate it with simply a click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your sites will contain in-depth information including the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are constantly updated and comprise of both commercial ones that we get from a third-party security business and custom ones which our system administrators add in case that they detect a new sort of attacks. That way, the Internet sites you host here shall be much more protected with no action required on your end.
ModSecurity in Semi-dedicated Hosting
We have included ModSecurity as a standard in all semi-dedicated hosting packages, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to enable or disable the firewall for any site with a click. You will also have the ability to switch on a passive detection mode in which ModSecurity shall keep a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules which we employ is frequently updated in order to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our admins include in case they find a threat that's not present in the commercial list yet.
ModSecurity in Dedicated Hosting
ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. In the event that a web application does not operate adequately, you can either disable the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which might occur, but shall not take any action to prevent it. The logs created in passive or active mode shall present you with more details about the exact file that was attacked, the form of the attack and the IP address it originated from, etcetera. This data will permit you to choose what measures you can take to increase the security of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security provider we work with, but oftentimes our admins add their own rules too when they identify a new potential threat.