ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the site visitors than any web server does, so you'll be able to keep an eye on what's happening with your sites much better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies whether someone is attempting to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a specific command. In such instances these attempts trigger the corresponding rules and the firewall software blocks the attempts instantly, after that records detailed information about them inside its logs. ModSecurity is one of the very best software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Web Hosting
ModSecurity is provided with all web hosting servers, so if you opt to host your websites with our organization, they will be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to enable a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view specific logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the protection of our customers' websites very seriously, we use a selection of commercial rules which we take from one of the top firms that maintain this type of rules. Our administrators also add custom rules to make certain that your websites shall be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity by default in all semi-dedicated server plans, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will permit you to enable or turn off the firewall for any site with a click. You'll also be able to turn on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response this attack triggered, where it originated from, etcetera. The list of rules we employ is constantly updated as to match any new risks that might appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones which our administrators include in the event that they find a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers that we offer and it'll be activated automatically for any new domain or subdomain that you add on the hosting server. In this way, any web app that you install shall be secured right from the start without doing anything by hand on your end. The firewall may be managed from the section of the Control Panel that bears the same name. This is the place whereyou can disable ModSecurity or activate its passive mode, so it shall not take any action toward threats, but will still maintain a thorough log. The recorded information is available inside the same section as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we employ on our servers are a blend between commercial ones we obtain from a security firm and custom ones that are included by our admins to improve the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. Just in case that a web app does not operate adequately, you can either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any potential attack that could happen, but will not take any action to stop it. The logs generated in active or passive mode shall offer you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so on. This info shall allow you to decide what steps you can take to boost the safety of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security provider we work with, but sometimes our staff add their own rules too if they identify a new potential threat.