ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the website visitors than any web server does, so you will manage to monitor what's happening with your sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it detects whether somebody is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall software blocks the attempts instantly, and then records in-depth details about them within its logs. ModSecurity is among the very best software firewalls out there and it can protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all cloud website hosting plans, so your web apps will be protected against harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll find inside Hepsia are incredibly detailed and include info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so on. We use a range of commercial rules which are regularly updated, but sometimes our admins add custom rules as well so as to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your websites with our company, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains which you add through your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a given site or turn on the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to prevent potential attacks against your websites. In depth logs shall be available inside your Control Panel and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We use two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our administrators often add to respond to newly identified risks promptly.
ModSecurity in VPS
Safety is of the utmost importance to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia CP by default. The firewall can be managed via a dedicated section inside Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you will not need to do anything by hand. You shall also be able to deactivate it or turn on the so-called detection mode, so it'll keep a log of possible attacks you can later study, but won't stop them. The logs in both passive and active modes offer details regarding the form of the attack and how it was stopped, what IP it came from and other valuable data that could help you to tighten the security of your sites by updating them or blocking IPs, for example. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules because occasionally we identify specific attacks which aren't yet present inside the commercial pack. That way, we could enhance the protection of your Virtual private server in a timely manner rather than waiting for a certified update.
ModSecurity in Dedicated Hosting
ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you will not need to do anything specific on your end to employ it because it is activated by default each time you include a new domain or subdomain on your web server. In case it disrupts some of your apps, you shall be able to stop it via the respective section of Hepsia, or you may leave it working in passive mode, so it'll detect attacks and will still keep a log for them, but won't stop them. You could examine the logs later to learn what you can do to increase the security of your websites as you will find details such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, etc. The rules we employ are commercial, hence they're frequently updated by a security firm, but to be on the safe side, our staff also add custom rules occasionally as to react to any new threats they have discovered.