ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the site visitors than any web server does, so you'll manage to monitor what's happening with your Internet sites a lot better than if you rely merely on standard logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it identifies whether anyone is attempting to log in to the administrator area of a particular script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, and then records in-depth information about them within its logs. ModSecurity is one of the best software firewalls on the market and it can easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Hosting
ModSecurity is available with every hosting package that we offer and it is switched on by default for every domain or subdomain that you include via your Hepsia Control Panel. If it interferes with any of your applications or you would like to disable it for any reason, you will be able to do this through the ModSecurity area of Hepsia with only a mouse click. You may also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but shall not take any action. You can view detailed logs in the very same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum security of our clients we use a set of commercial firewall rules mixed with custom ones which are provided by our system admins.
ModSecurity in Dedicated Servers Hosting
ModSecurity is included with all dedicated servers that are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it because it's turned on by default each time you include a new domain or subdomain on your server. In case it disrupts some of your applications, you will be able to stop it via the respective part of Hepsia, or you may leave it operating in passive mode, so it shall detect attacks and shall still maintain a log for them, but won't stop them. You'll be able to analyze the logs later to determine what you can do to boost the security of your Internet sites as you will find information such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules that we use are commercial, hence they are regularly updated by a security provider, but to be on the safe side, our admins also add custom rules from time to time as to deal with any new threats they have identified.