ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and in case it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the site visitors than any web server does, so you will be able to keep an eye on what is happening with your sites much better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it recognizes if someone is attempting to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the firewall software hinders the attempts right away, after that records in-depth information about them in its logs. ModSecurity is amongst the best software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting plans, so your web apps shall be resistant to harmful attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it through the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you will find in Hepsia are incredibly detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so on. We use a group of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting plans and if you choose to host your sites with our company, there shall not be anything special you will have to do given that the firewall is turned on by default for all domains and subdomains which you add through your hosting Control Panel. If necessary, you can disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall shall still function and record data, but won't do anything to prevent possible attacks on your sites. In depth logs shall be available within your CP and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We employ 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our admins occasionally add to respond to newly discovered threats promptly.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web applications will be secured from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You may also set it to operate in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the same section and include details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For best security, we use not just commercial rules from a company working in the field of web security, but also custom ones that our admins add personally so as to respond to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the server. In case that a web app does not function properly, you can either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which might occur, but won't take any action to stop it. The logs created in passive or active mode shall give you more details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so on. This data will enable you to determine what steps you can take to increase the security of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial bundle from a third-party security enterprise we work with, but sometimes our staff include their own rules as well in the event that they identify a new potential threat.