ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the traffic than any server does, so you will manage to monitor what's happening with your sites much better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes whether someone is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall hinders the attempts in real time, and then records comprehensive info about them inside its logs. ModSecurity is one of the best software firewalls on the market and it can easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your Internet sites with our company, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains you add via your hosting CP. If required, you can disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent possible attacks against your Internet sites. In depth logs shall be available in your CP and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so forth. We use 2 sorts of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom ones which our admins often include to respond to newly found risks on time.
ModSecurity in Dedicated Web Hosting
ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you'll not need to do anything specific on your end to use it as it is enabled by default each time you add a new domain or subdomain on your server. In the event that it disrupts any of your applications, you'll be able to stop it via the respective area of Hepsia, or you can leave it in passive mode, so it will recognize attacks and will still maintain a log for them, but shall not block them. You could analyze the logs later to learn what you can do to enhance the security of your Internet sites as you'll find details such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules we use are commercial, hence they're frequently updated by a security provider, but to be on the safe side, our staff also add custom rules once in a while as to deal with any new threats they have discovered.