ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the site visitors than any server does, so you shall be able to monitor what is happening with your sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies if somebody is trying to log in to the admin area of a given script several times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall blocks the attempts in real time, and then records comprehensive information about them in its logs. ModSecurity is amongst the best software firewalls out there and it can easily protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Website Hosting
ModSecurity is supplied with all cloud website hosting machines, so when you choose to host your Internet sites with our organization, they'll be shielded from a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any site if needed, or to activate a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You'll be able to view specific logs using your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the security of our customers' sites seriously, we use a group of commercial rules which we get from one of the leading companies which maintain this kind of rules. Our administrators also include custom rules to make sure that your Internet sites shall be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer feature ModSecurity and given that the firewall is enabled by default, any site that you set up under a domain or a subdomain shall be protected immediately. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still identify possible attacks and will keep all info within a log as if it were fully active. The logs could be found within the same section of the CP and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules which we employ on our machines are a mix of commercial ones from a security company and custom ones developed by our system admins. As a result, we offer increased security for your web apps as we can defend them from attacks before security corporations release updates for completely new threats.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia CP come with ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the server, so there shall not be anything special which you'll have to do to protect your sites. It'll take you just a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any steps to stop intrusions. You shall be able to see the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so forth. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity will stop as many threats as possible, therefore increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or set up will be secured from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you'll find in the logs can easily allow you to to secure your websites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this information, you could see whether a website needs an update, if you need to block IPs from accessing your web server, and so on. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well if they find a new threat which is not yet in the commercial bundle.