ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the traffic than any server does, so you shall manage to keep an eye on what's happening with your websites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes if anyone is trying to log in to the administration area of a given script multiple times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the firewall software hinders the attempts in real time, and then records in-depth information about them within its logs. ModSecurity is among the best software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
ModSecurity in Website Hosting
ModSecurity comes standard with all website hosting solutions which we offer and it shall be activated automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with a click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will include comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and include both commercial ones which we get from a third-party security company and custom ones our system admins include in case that they detect a new kind of attacks. This way, the websites which you host here will be far more protected without any action required on your end.
ModSecurity in Semi-dedicated Servers
Any web program that you set up inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain which you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it fully, but you can also enable a passive mode, so the firewall shall not block anything, but it'll still keep a record of potential attacks. This requires simply a mouse click and you shall be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall uses two sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our admins update personally as to respond to recently discovered threats as soon as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it as it's activated by default whenever you add a new domain or subdomain on your server. In case it interferes with any of your applications, you shall be able to stop it via the respective area of Hepsia, or you can leave it in passive mode, so it'll detect attacks and will still keep a log for them, but shall not prevent them. You may look at the logs later to find out what you can do to enhance the security of your websites since you shall find info such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules we employ are commercial, therefore they are frequently updated by a security company, but to be on the safe side, our administrators also add custom rules from time to time as to respond to any new threats they have identified.