ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and if it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the traffic than any server does, so you'll manage to keep track of what is going on with your sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it identifies whether someone is trying to log in to the admin area of a certain script several times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall software hinders the attempts in real time, and then records comprehensive information about them inside its logs. ModSecurity is amongst the best software firewalls available and it can easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting plans, so your Internet applications shall be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll discover in Hepsia are incredibly detailed and feature data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so on. We employ a range of commercial rules that are often updated, but sometimes our admins include custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting packages and if you opt to host your Internet sites with us, there shall not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains you add through your hosting CP. If needed, you can disable ModSecurity for a certain Internet site or turn on the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to prevent potential attacks against your Internet sites. Thorough logs shall be accessible within your Control Panel and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones which our administrators often include to respond to newly discovered threats promptly.
ModSecurity in VPS Web Hosting
Safety is extremely important to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You will also be able to disable it or turn on the so-called detection mode, so it will keep a log of potential attacks which you can later examine, but will not block them. The logs in both passive and active modes include details regarding the type of the attack and how it was eliminated, what IP address it came from and other important info which might help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules since from time to time we discover specific attacks that are not yet present inside the commercial package. This way, we could enhance the security of your Virtual private server promptly instead of waiting for a certified update.
ModSecurity in Dedicated Servers Hosting
ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In the event that a web app doesn't work properly, you can either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any possible attack which could take place, but won't take any action to prevent it. The logs created in passive or active mode will present you with additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, and so on. This information shall enable you to choose what measures you can take to enhance the protection of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial bundle from a third-party security enterprise we work with, but sometimes our staff include their own rules as well in case they identify a new potential threat.