ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and when it discovers an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you will be able to keep track of what is going on with your Internet sites much better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it recognizes whether someone is attempting to log in to the administrator area of a particular script several times or if a request is sent to execute a file with a specific command. In these circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts instantly, after that records detailed details about them in its logs. ModSecurity is one of the very best software firewalls out there and it can protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Shared Web Hosting
ModSecurity is provided with all shared web hosting
web servers, so if you opt to host your Internet sites with our business, they will be shielded from an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You'll be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the protection of our clients' sites seriously, we employ a selection of commercial rules that we take from one of the top companies which maintain this kind of rules. Our administrators also add custom rules to ensure that your websites shall be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Hosting
We've integrated ModSecurity by default inside all semi-dedicated hosting
products, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall permit you to enable or disable the firewall for any website with a mouse click. You shall also have the ability to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack activated, where it originated from, etc. The list of rules that we use is regularly updated as to match any new threats which may appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our administrators add in case they discover a threat that is not present in the commercial list yet.
ModSecurity in VPS Web Hosting
All virtual private servers
that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there shall not be anything special which you shall have to do to protect your Internet sites. It will take you a click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any steps to prevent intrusions. You'll be able to see the logs created in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to deal with it, etc. We use a mix of commercial and custom rules in order to make certain that ModSecurity shall stop as many threats as possible, consequently boosting the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers Hosting
All of our dedicated servers
which are installed with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install shall be properly secured from the very beginning and you will not need to concern yourself with common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but does not take actions to stop them. What you'll discover in the logs shall help you to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this data, you could see whether an Internet site needs an update, if you need to block IPs from accessing your hosting server, and so forth. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones too every time they discover a new threat that's not yet a part of the commercial bundle.