ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and in case it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more comprehensive log for the website visitors than any web server does, so you will be able to keep track of what is happening with your Internet sites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it identifies whether someone is attempting to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a particular command. In such circumstances these attempts trigger the corresponding rules and the firewall software blocks the attempts immediately, and then records comprehensive details about them inside its logs. ModSecurity is among the very best software firewalls on the market and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Website Hosting
ModSecurity is available with each website hosting solution that we offer and it is activated by default for every domain or subdomain that you include via your Hepsia Control Panel. In case it interferes with any of your applications or you'd like to disable it for whatever reason, you shall be able to do that through the ModSecurity area of Hepsia with simply a click. You may also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You'll be able to see detailed logs in the very same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For maximum security of our clients we use a collection of commercial firewall rules combined with custom ones which are included by our system admins.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are integrated with our Hepsia Control Panel and you will not need to do anything specific on your end to use it since it's switched on by default every time you include a new domain or subdomain on your server. In the event that it interferes with some of your applications, you will be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it'll detect attacks and shall still keep a log for them, but won't stop them. You can examine the logs later to determine what you can do to improve the safety of your sites as you will find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, etc. The rules that we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our administrators also include custom rules occasionally in order to respond to any new threats they have found.