ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and in case it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the traffic than any web server does, so you will be able to keep track of what is going on with your websites better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies if someone is trying to log in to the administration area of a certain script multiple times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall program hinders the attempts right away, then records comprehensive information about them inside its logs. ModSecurity is one of the most effective software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Cloud Hosting
ModSecurity can be found with each and every cloud hosting
plan which we provide and it's turned on by default for any domain or subdomain which you add through your Hepsia Control Panel. If it disrupts any of your apps or you would like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with only a click. You can also activate a passive mode, so the firewall will discover potential attacks and maintain a log, but won't take any action. You can see detailed logs in the very same section, including the IP where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum protection of our clients we use a collection of commercial firewall rules blended with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
packages and if you opt to host your sites with us, there won't be anything special you'll need to do as the firewall is switched on by default for all domains and subdomains you add through your hosting Control Panel. If necessary, you can disable ModSecurity for a certain Internet site or switch on the so-called detection mode in which case the firewall will still work and record info, but won't do anything to prevent possible attacks against your Internet sites. Detailed logs shall be accessible inside your Control Panel and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so on. We use 2 sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and customized ones that our admins occasionally add to respond to newly found threats on time.
ModSecurity in VPS Servers
All VPS servers
that are set up with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the web server, so there won't be anything special which you'll need to do to protect your websites. It'll take you a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what happens without taking any steps to prevent intrusions. You'll be able to view the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to take care of it, etc. We employ a mix of commercial and custom rules in order to ensure that ModSecurity shall stop as many threats as possible, therefore increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
All of our dedicated servers
that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any program which you upload or set up shall be properly secured from the very beginning and you will not have to concern yourself with common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will discover in the logs can easily help you to secure your sites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, etc. With this information, you'll be able to see if a site needs an update, whether you need to block IPs from accessing your server, and so forth. In addition to the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too when they discover a new threat that's not yet a part of the commercial bundle.