ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the website visitors than any web server does, so you'll manage to keep an eye on what is happening with your sites much better than if you rely simply on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it identifies whether someone is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts instantly, then records comprehensive details about them within its logs. ModSecurity is one of the best software firewalls on the market and it could easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Website Hosting
ModSecurity comes standard with all cloud website hosting solutions that we provide and it shall be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with just a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and comprise of both commercial ones which we get from a third-party security business and custom ones our system administrators include in the event that they detect a new type of attacks. That way, the sites which you host here shall be way more protected with no action required on your end.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity by default inside all semi-dedicated hosting packages, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a click. You will also have the ability to activate a passive detection mode in which ModSecurity shall keep a log of possible attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack generated, where it originated from, and so on. The list of rules which we use is frequently updated as to match any new risks which could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones which our administrators add in the event that they discover a threat that is not present within the commercial list yet.
ModSecurity in VPS
ModSecurity comes with all Hepsia-based virtual private servers that we offer and it'll be turned on automatically for every new domain or subdomain you include on the web server. In this way, any web application you install shall be protected right away without doing anything by hand on your end. The firewall may be handled through the section of the CP which bears the same name. This is the location in whichyou can disable ModSecurity or activate its passive mode, so it shall not take any action towards threats, but will still keep a detailed log. The recorded info is available within the same area as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a mix between commercial ones which we obtain from a security firm and custom ones which are added by our administrators to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Hosting
When you choose to host your websites on a dedicated server with the Hepsia CP, your web applications shall be secured immediately as ModSecurity is supplied with all Hepsia-based packages. You'll be able to manage the firewall easily and if needed, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what is going on without taking any action to stop possible attacks. The logs that you can find in the same section of the Control Panel are very detailed and feature information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so forth. This information will permit you to take measures and boost the security of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include whenever they identify attacks that haven't yet been included within the commercial pack.