ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it identifies an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the site visitors than any server does, so you shall be able to monitor what's going on with your Internet sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it detects whether somebody is attempting to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a particular command. In such circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts right away, and then records detailed info about them inside its logs. ModSecurity is amongst the very best software firewalls available and it can protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Cloud Web Hosting
ModSecurity is available on all cloud web hosting web servers, so if you opt to host your sites with our firm, they'll be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if needed, or to activate a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You shall be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the security of our clients' sites very seriously, we employ a selection of commercial rules which we get from one of the top companies which maintain this type of rules. Our admins also add custom rules to make certain that your Internet sites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity by default inside all semi-dedicated server plans, so your web applications will be protected the instant you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any site with a mouse click. You shall also have the ability to switch on a passive detection mode through which ModSecurity will maintain a log of possible attacks without really stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack initiated, where it came from, etcetera. The list of rules which we employ is constantly updated as to match any new threats which may appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones that our admins include if they discover a threat that is not present within the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers we offer and it shall be turned on automatically for every new domain or subdomain which you add on the hosting server. That way, any web application which you install will be secured right away without doing anything manually on your end. The firewall could be handled through the section of the Control Panel which bears the same name. This is the place whereyou could switch off ModSecurity or enable its passive mode, so it won't take any action toward threats, but will still maintain a thorough log. The recorded information is available inside the same section as well and you will be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a mix between commercial ones which we get from a security organization and custom ones that are included by our admins to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program you upload or install will be secured from the very beginning and you will not need to bother about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily allow you to to secure your Internet sites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you could see whether a site needs an update, if you should block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well whenever they discover a new threat that's not yet in the commercial bundle.