ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and if it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the website visitors than any server does, so you shall manage to monitor what's happening with your sites a lot better than if you rely merely on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it identifies if someone is trying to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the firewall blocks the attempts right away, then records comprehensive details about them inside its logs. ModSecurity is among the best software firewalls available and it could easily protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting packages, so your web applications will be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you will be able to stop it through the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall find in Hepsia are incredibly detailed and offer info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etc. We employ a set of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you choose to host your websites with our company, there won't be anything special you will have to do since the firewall is turned on by default for all domains and subdomains you include via your hosting CP. If necessary, you could disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall shall still function and record data, but won't do anything to prevent potential attacks on your Internet sites. Comprehensive logs shall be readily available within your CP and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our administrators sometimes include to respond to newly found threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it shall be switched on automatically for any new domain or subdomain which you include on the server. That way, any web app you install will be secured right away without doing anything manually on your end. The firewall may be handled through the section of the CP that bears the same name. This is the area whereyou could disable ModSecurity or enable its passive mode, so it will not take any action against threats, but will still keep a comprehensive log. The recorded data is available in the same area as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones that we get from a security firm and custom ones which are included by our administrators to improve the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
When you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected immediately as ModSecurity is available with all Hepsia-based packages. You shall be able to manage the firewall with ease and if required, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what is happening without taking any action to prevent possible attacks. The logs which you'll find within the same section of the Control Panel are very detailed and include information about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so on. This data shall enable you to take measures and enhance the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators include when they identify attacks that have not yet been included within the commercial pack.