ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and if it identifies an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the site visitors than any web server does, so you will be able to keep an eye on what is going on with your sites better than if you rely only on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it detects whether someone is trying to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, after that records comprehensive info about them inside its logs. ModSecurity is amongst the most effective software firewalls available and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting solutions which we provide and it'll be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your Internet sites will contain detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are regularly updated and include both commercial ones we get from a third-party security firm and custom ones that our system administrators include in case that they detect a new kind of attacks. In this way, the sites which you host here will be way more protected with no action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you opt to host your sites with our company, there won't be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains that you include via your hosting Control Panel. If required, you can disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall will still function and record data, but shall not do anything to stop possible attacks against your websites. In depth logs shall be available in your CP and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We employ two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our administrators occasionally add to respond to newly found risks on time.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers which we offer and it shall be turned on automatically for any new domain or subdomain which you add on the web server. This way, any web app that you install shall be protected immediately without doing anything manually on your end. The firewall can be managed from the section of the CP which has the same name. This is the location whereyou could switch off ModSecurity or enable its passive mode, so it shall not take any action against threats, but shall still maintain a thorough log. The recorded information is available within the same area as well and you shall be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we use on our servers are a blend between commercial ones that we obtain from a security company and custom ones that are added by our staff to maximize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it because it's enabled by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with any of your applications, you'll be able to stop it via the respective area of Hepsia, or you can leave it in passive mode, so it shall recognize attacks and will still keep a log for them, but shall not stop them. You may analyze the logs later to determine what you can do to boost the protection of your Internet sites since you'll find information such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, and so on. The rules that we use are commercial, hence they are constantly updated by a security provider, but to be on the safe side, our administrators also include custom rules occasionally as to deal with any new threats they have found.