ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the website visitors than any web server does, so you'll manage to monitor what is going on with your sites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it recognizes whether someone is trying to log in to the administration area of a specific script several times or if a request is sent to execute a file with a specific command. In such instances these attempts set off the corresponding rules and the firewall hinders the attempts instantly, after that records in-depth information about them within its logs. ModSecurity is among the very best software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Shared Hosting
ModSecurity is provided with all shared hosting web servers, so when you opt to host your sites with our business, they will be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if required, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You will be able to view detailed logs through your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the safety of our customers' websites seriously, we employ a selection of commercial rules which we take from one of the top companies which maintain such rules. Our admins also add custom rules to make certain that your sites will be protected against as many threats as possible.
ModSecurity in Dedicated Servers
All of our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or set up will be secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. A separate section in Hepsia will enable you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to stop them. What you will see in the logs can easily enable you to to secure your websites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this info, you could see whether an Internet site needs an update, whether you ought to block IPs from accessing your hosting server, etcetera. Besides the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well when they come across a new threat that is not yet included in the commercial bundle.