ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more thorough log for the traffic than any server does, so you'll be able to keep an eye on what is happening with your sites a lot better than if you rely merely on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it identifies whether anyone is attempting to log in to the admin area of a certain script several times or if a request is sent to execute a file with a certain command. In such circumstances these attempts set off the corresponding rules and the software blocks the attempts instantly, after that records detailed details about them in its logs. ModSecurity is one of the best software firewalls on the market and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Cloud Web Hosting
ModSecurity comes standard with all cloud web hosting plans that we offer and it'll be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to activate and disable it with a click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to stop them. The log for each of your sites will feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security firm and custom ones our system admins include in the event that they detect a new kind of attacks. This way, the websites you host here shall be a lot more protected without any action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you choose to host your Internet sites with our company, there will not be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains that you include through your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a particular site or turn on the so-called detection mode in which case the firewall shall still operate and record information, but will not do anything to prevent possible attacks against your sites. In depth logs shall be available inside your CP and you will be able to see what type of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We employ two sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones that our admins often include to respond to newly discovered risks on time.
ModSecurity in VPS Servers
Safety is of the utmost importance to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything manually. You'll also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of potential attacks you can later study, but won't prevent them. The logs in both passive and active modes contain information regarding the form of the attack and how it was eliminated, what IP address it came from and other useful data that may help you to tighten the security of your sites by updating them or blocking IPs, for example. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules because once in a while we detect specific attacks which aren't yet present within the commercial group. This way, we could increase the security of your VPS instantly as opposed to waiting for an official update.
ModSecurity in Dedicated Servers
If you opt to host your websites on a dedicated server with the Hepsia CP, your web applications shall be protected right from the start as ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall easily and if required, you will be able to turn it off or switch on its passive mode when it will only keep a log of what's happening without taking any action to stop possible attacks. The logs that you can find within the exact same section of the CP are really detailed and contain information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This data shall enable you to take measures and increase the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins add when they identify attacks that haven't yet been included within the commercial pack.