ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it identifies an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the website visitors than any server does, so you'll be able to monitor what is going on with your sites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it recognizes if someone is trying to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a particular command. In these instances these attempts set off the corresponding rules and the firewall program blocks the attempts right away, then records in-depth details about them inside its logs. ModSecurity is one of the most effective software firewalls available and it can easily protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting solutions, so your web applications shall be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective section of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will discover within Hepsia are extremely detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etcetera. We employ a range of commercial rules which are often updated, but sometimes our administrators include custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server plans and if you choose to host your Internet sites with our company, there shall not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you include through your hosting CP. If needed, you can disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to prevent possible attacks against your websites. Thorough logs shall be available in your Control Panel and you'll be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so on. We employ 2 sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones which our admins sometimes include to respond to newly identified threats promptly.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special which you'll need to do to protect your websites. It will take you a click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any measures to stop intrusions. You'll be able to see the logs produced in passive or active mode via the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to take care of it, and so on. We employ a combination of commercial and custom rules so as to make certain that ModSecurity will block as many threats as possible, hence improving the protection of your web programs as much as possible.
ModSecurity in Dedicated Servers
If you opt to host your sites on a dedicated server with the Hepsia CP, your web apps shall be protected right from the start because ModSecurity is provided with all Hepsia-based packages. You'll be able to regulate the firewall effortlessly and if required, you shall be able to turn it off or enable its passive mode when it shall only keep a log of what is going on without taking any action to prevent potential attacks. The logs that you will find inside the exact same section of the CP are really detailed and contain information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This information will permit you to take measures and boost the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins add every time they detect attacks which have not yet been included inside the commercial pack.