ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and in case it discovers an intrusion attempt, it prevents it. The firewall also maintains a more detailed log for the website visitors than any web server does, so you will manage to monitor what's going on with your sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it recognizes if anyone is trying to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall program blocks the attempts right away, after that records in-depth details about them in its logs. ModSecurity is one of the very best software firewalls on the market and it can protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting packages that we offer and it shall be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and deactivate it with only a mouse click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites will contain detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and consist of both commercial ones we get from a third-party security company and custom ones that our system admins add in case that they detect a new kind of attacks. That way, the Internet sites you host here will be far more protected without any action needed on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you opt to host your websites with our company, there will not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains that you add using your hosting CP. If needed, you could disable ModSecurity for a given website or switch on the so-called detection mode in which case the firewall will still function and record information, but will not do anything to stop possible attacks on your Internet sites. Comprehensive logs will be accessible in your Control Panel and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two kinds of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our admins often add to respond to newly discovered threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be switched on automatically for any new domain or subdomain that you include on the machine. That way, any web app you install shall be protected right from the start without doing anything manually on your end. The firewall can be handled via the section of the CP which bears the same name. This is the location whereyou can switch off ModSecurity or let its passive mode, so it shall not take any action toward threats, but will still keep a thorough log. The recorded data is available within the same area as well and you shall be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we use on our servers are a blend between commercial ones that we get from a security organization and custom ones which are added by our admins to improve the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
If you decide to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected immediately since ModSecurity is supplied with all Hepsia-based packages. You shall be able to control the firewall easily and if required, you shall be able to turn it off or switch on its passive mode when it will only keep a log of what's taking place without taking any action to stop possible attacks. The logs which you will find in the exact same section of the CP are incredibly detailed and include information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etc. This information will permit you to take measures and improve the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff add when they identify attacks that have not yet been included in the commercial pack.