ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and in case it detects an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the traffic than any server does, so you shall be able to keep track of what is going on with your Internet sites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it stops attacks. For instance, it identifies whether anyone is trying to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such instances these attempts set off the corresponding rules and the software blocks the attempts in real time, and then records detailed info about them inside its logs. ModSecurity is amongst the best software firewalls out there and it could easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Cloud Hosting
ModSecurity can be found with every cloud hosting solution which we provide and it is switched on by default for every domain or subdomain that you include through your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for some reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a click. You can also use a passive mode, so the firewall will discover potential attacks and maintain a log, but will not take any action. You'll be able to see extensive logs in the exact same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so on. For max safety of our customers we use a group of commercial firewall rules blended with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Servers
Any web application you set up inside your new semi-dedicated server account will be protected by ModSecurity since the firewall comes with all our hosting solutions and is switched on by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated area in Hepsia where not simply can you activate or deactivate it completely, but you could also activate a passive mode, so the firewall will not stop anything, but it shall still maintain an archive of potential attacks. This normally requires just a mouse click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so on. The firewall uses 2 groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our admins update manually in order to respond to newly discovered threats as soon as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting Control Panel, so your web applications will be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it will keep an extensive log of any potential attacks without taking any action to stop them. The logs are available within the same section and provide information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For best security, we employ not only commercial rules from a company working in the field of web security, but also custom ones that our admins include manually so as to react to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the server. Just in case that a web app does not operate properly, you could either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack which could occur, but won't take any action to stop it. The logs produced in active or passive mode will give you more details about the exact file that was attacked, the type of the attack and the IP it came from, etcetera. This info will enable you to determine what steps you can take to boost the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security company we work with, but from time to time our staff add their own rules too if they find a new potential threat.