ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and if it identifies an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the site visitors than any web server does, so you shall be able to monitor what's happening with your sites much better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether anyone is trying to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts instantly, after that records comprehensive details about them inside its logs. ModSecurity is among the very best software firewalls on the market and it could easily protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
ModSecurity is supplied with all cloud hosting web servers, so if you decide to host your websites with our organization, they will be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs using your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the safety of our clients' websites seriously, we employ a set of commercial rules that we get from one of the leading companies which maintain this sort of rules. Our admins also include custom rules to make certain that your sites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages which we offer include ModSecurity and given that the firewall is enabled by default, any website you set up under a domain or a subdomain will be protected straight away. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still recognize possible attacks and will keep all information in a log as if it were fully active. The logs could be found in the same section of the CP and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we use on our servers are a mix between commercial ones from a security business and custom ones developed by our system administrators. For that reason, we offer higher security for your web applications as we can defend them from attacks even before security companies release updates for brand new threats.
ModSecurity in VPS Servers
Protection is extremely important to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia CP as a standard. The firewall can be managed via a dedicated section within Hepsia and is activated automatically when you add a new domain or create a subdomain, so you will not have to do anything personally. You shall also be able to deactivate it or activate the so-called detection mode, so it shall maintain a log of potential attacks which you can later examine, but will not prevent them. The logs in both passive and active modes contain details regarding the type of the attack and how it was eliminated, what IP it came from and other useful data which might help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also use our own rules since once in a while we identify specific attacks that aren't yet present within the commercial group. That way, we can easily increase the security of your Virtual private server right away as opposed to awaiting an official update.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it since it is turned on by default each time you add a new domain or subdomain on your hosting server. If it disrupts any of your apps, you'll be able to stop it through the respective section of Hepsia, or you could leave it in passive mode, so it'll identify attacks and shall still keep a log for them, but will not prevent them. You'll be able to look at the logs later to find out what you can do to increase the safety of your sites as you'll find details such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity reacted, and so on. The rules that we use are commercial, hence they are constantly updated by a security firm, but to be on the safe side, our admins also include custom rules once in a while in order to respond to any new threats they have found.