ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the website visitors than any web server does, so you shall be able to keep track of what is happening with your websites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it detects if somebody is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these situations these attempts set off the corresponding rules and the firewall program hinders the attempts immediately, and then records detailed information about them in its logs. ModSecurity is among the most effective software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Shared Web Hosting
ModSecurity is available with each and every shared web hosting package which we offer and it's turned on by default for any domain or subdomain that you include via your Hepsia CP. In the event that it disrupts any of your programs or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with only a mouse click. You can also use a passive mode, so the firewall will identify potential attacks and maintain a log, but shall not take any action. You could view extensive logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum security of our customers we use a group of commercial firewall rules combined with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity by default within all semi-dedicated hosting products, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any website with a mouse click. You will also be able to activate a passive detection mode through which ModSecurity will keep a log of possible attacks without actually stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack initiated, where it originated from, etcetera. The list of rules that we use is frequently updated in order to match any new threats that may appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones which our admins add in case they discover a threat which is not present inside the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. Just in case that a web app does not function adequately, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack which may take place, but won't take any action to stop it. The logs generated in active or passive mode will give you more details about the exact file that was attacked, the form of the attack and the IP it originated from, etc. This data shall permit you to choose what steps you can take to improve the security of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial bundle from a third-party security provider we work with, but occasionally our administrators add their own rules too if they discover a new potential threat.