ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and if it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the website visitors than any web server does, so you will manage to keep an eye on what's going on with your Internet sites better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it recognizes whether someone is attempting to log in to the administrator area of a given script several times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the firewall program blocks the attempts instantly, and then records detailed info about them in its logs. ModSecurity is amongst the very best software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting solutions, so your web apps will be shielded from harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you shall find within Hepsia are very detailed and feature information about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We employ a range of commercial rules that are often updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our machines.
ModSecurity in VPS
Safety is extremely important to us, so we set up ModSecurity on all virtual private servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not have to do anything manually. You will also be able to disable it or switch on the so-called detection mode, so it shall keep a log of possible attacks that you can later analyze, but shall not block them. The logs in both passive and active modes contain information regarding the kind of the attack and how it was eliminated, what IP it came from and other important information which may help you to tighten the security of your websites by updating them or blocking IPs, for example. On top of the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules because occasionally we detect specific attacks which aren't yet present within the commercial group. This way, we can easily boost the security of your VPS promptly rather than waiting for a certified update.