ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more comprehensive log for the website visitors than any web server does, so you'll be able to keep track of what is going on with your websites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it identifies whether anyone is attempting to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall program blocks the attempts instantly, and then records detailed info about them within its logs. ModSecurity is amongst the very best software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Cloud Website Hosting
ModSecurity comes by default with all cloud website hosting solutions that we supply and it shall be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and deactivate it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites shall contain comprehensive information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are frequently updated and include both commercial ones which we get from a third-party security firm and custom ones which our system administrators add in case that they detect a new kind of attacks. That way, the Internet sites you host here shall be far more protected without any action expected on your end.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity by default within all semi-dedicated server products, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any website with a mouse click. You'll also have the ability to activate a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack activated, where it originated from, and so forth. The list of rules we use is constantly updated as to match any new threats which might appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones which our admins add in case they discover a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
Safety is very important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section within Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you won't need to do anything personally. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of possible attacks which you can later analyze, but shall not stop them. The logs in both passive and active modes include info regarding the kind of the attack and how it was stopped, what IP it originated from and other important information which might help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Beyond the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules as every now and then we discover specific attacks which are not yet present in the commercial package. This way, we can easily improve the protection of your VPS immediately instead of awaiting an official update.
ModSecurity in Dedicated Servers
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. Just in case that a web app does not operate properly, you can either disable the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any potential attack that may take place, but will not take any action to prevent it. The logs created in active or passive mode will give you additional details about the exact file which was attacked, the type of the attack and the IP it came from, etcetera. This data shall permit you to decide what actions you can take to enhance the protection of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated often with a commercial package from a third-party security enterprise we work with, but from time to time our administrators add their own rules also if they discover a new potential threat.