ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any web server does, so you shall be able to monitor what is going on with your sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies whether somebody is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall program blocks the attempts immediately, then records in-depth information about them within its logs. ModSecurity is one of the most effective software firewalls available and it can protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting packages, so your web apps will be resistant to harmful attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you'll be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you'll discover inside Hepsia are incredibly detailed and feature data about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etcetera. We employ a range of commercial rules which are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
Any web app you install inside your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall is included with all our hosting plans and is activated by default for any domain and subdomain that you add or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall will not block anything, but it will still maintain a record of potential attacks. This normally requires only a mouse click and you will be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so forth. The firewall uses two groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one that our admins update personally as to respond to recently discovered risks immediately.