ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and if it detects an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the site visitors than any web server does, so you'll be able to keep an eye on what is going on with your websites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it recognizes whether anyone is attempting to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these circumstances these attempts trigger the corresponding rules and the firewall software blocks the attempts instantly, and then records in-depth details about them in its logs. ModSecurity is amongst the most effective software firewalls on the market and it can protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Cloud Web Hosting
ModSecurity is supplied with all cloud web hosting
machines, so if you opt to host your Internet sites with our organization, they will be resistant to a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view specific logs from your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the protection of our customers' websites very seriously, we use a group of commercial rules which we take from one of the top firms that maintain such rules. Our admins also add custom rules to ensure that your sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web program that you set up inside your new semi-dedicated server
account will be protected by ModSecurity because the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section in Hepsia where not only could you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall will not block anything, but it shall still keep a record of potential attacks. This normally requires simply a click and you'll be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our admins update personally in order to respond to recently discovered risks as quickly as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are set up with the Hepsia hosting Control Panel, so your web applications shall be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you can deactivate it with a click from the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall maintain a detailed log of any possible attacks without taking any action to stop them. The logs are available inside the very same section and include info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a business working in the field of web security, but also custom ones that our administrators include manually in order to respond to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is available by default with all dedicated servers
that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the hosting server. Just in case that a web application does not operate adequately, you may either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack which may take place, but will not take any action to stop it. The logs generated in passive or active mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP address it came from, etcetera. This information will permit you to choose what actions you can take to improve the safety of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial bundle from a third-party security firm we work with, but from time to time our administrators include their own rules as well if they come across a new potential threat.