ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and when it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more detailed log for the traffic than any server does, so you shall be able to monitor what's happening with your sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it recognizes if anyone is attempting to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts in real time, and then records comprehensive information about them inside its logs. ModSecurity is amongst the most effective software firewalls available and it can easily protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.
ModSecurity in Website Hosting
ModSecurity is offered with every single website hosting package that we offer and it is activated by default for every domain or subdomain which you include via your Hepsia CP. In the event that it disrupts any of your applications or you would like to disable it for some reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with simply a mouse click. You could also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You could view extensive logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etc. For optimum security of our customers we use a collection of commercial firewall rules mixed with custom ones that are added by our system administrators.
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity as a standard inside all semi-dedicated server packages, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will allow you to activate or disable the firewall for any website with a mouse click. You shall also have the ability to turn on a passive detection mode with which ModSecurity will maintain a log of potential attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response this attack caused, where it came from, and so on. The list of rules we use is frequently updated as to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our admins include in case they discover a threat that's not present within the commercial list yet.
ModSecurity in Dedicated Servers
When you opt to host your websites on a dedicated server with the Hepsia CP, your web programs shall be secured immediately since ModSecurity is supplied with all Hepsia-based packages. You shall be able to manage the firewall easily and if needed, you'll be able to turn it off or activate its passive mode when it will only keep a log of what's taking place without taking any action to stop potential attacks. The logs that you'll find in the very same section of the CP are very detailed and include information about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etc. This data shall enable you to take measures and enhance the security of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators include every time they identify attacks which have not yet been included within the commercial pack.