ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it discovers an intrusion attempt, it prevents it. The firewall additionally maintains a more thorough log for the site visitors than any server does, so you will manage to monitor what's happening with your sites much better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it recognizes if somebody is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the firewall blocks the attempts right away, after that records comprehensive information about them inside its logs. ModSecurity is among the most effective software firewalls available and it can easily protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting plans, so your Internet applications shall be resistant to destructive attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will find in Hepsia are extremely detailed and feature information about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, etcetera. We employ a range of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting plans and if you choose to host your Internet sites with our company, there will not be anything special you will have to do since the firewall is turned on by default for all domains and subdomains which you include using your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall will still function and record data, but shall not do anything to stop possible attacks against your websites. Comprehensive logs shall be readily available inside your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so on. We use 2 types of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones that our administrators often include to respond to newly identified threats on time.