Find out what ModSecurity is, how it operates and exactly what it will do to protect your sites and web apps.
ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and if it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you'll manage to keep an eye on what is going on with your Internet sites much better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies whether somebody is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the software blocks the attempts instantly, and then records comprehensive info about them in its logs. ModSecurity is one of the very best software firewalls out there and it can protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
ModSecurity in Cloud Website Hosting
ModSecurity comes by default with all cloud website hosting
plans that we provide and it'll be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and disable it with simply a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to stop them. The log for any of your sites shall contain in-depth info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are regularly updated and consist of both commercial ones we get from a third-party security firm and custom ones which our system administrators include in case that they detect a new sort of attacks. That way, the Internet sites that you host here shall be far more protected without any action needed on your end.
ModSecurity in Semi-dedicated Servers
Any web program that you set up within your new semi-dedicated server
account shall be protected by ModSecurity because the firewall is provided with all our hosting packages and is switched on by default for any domain and subdomain you include or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area in Hepsia where not simply could you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall won't stop anything, but it shall still keep a record of possible attacks. This normally requires just a mouse click and you will be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually in order to respond to newly discovered risks as fast as possible.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers
that we offer and it shall be activated automatically for every new domain or subdomain which you include on the machine. In this way, any web application you install shall be protected from the very beginning without doing anything personally on your end. The firewall can be handled from the section of the CP which has the same name. This is the location in whichyou could disable ModSecurity or let its passive mode, so it shall not take any action against threats, but will still keep a detailed log. The recorded info is available inside the same section as well and you shall be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a mixture between commercial ones we obtain from a security firm and custom ones that are added by our administrators to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers
which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app you upload or set up will be secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you will find in the logs can help you to secure your websites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, etc. With this data, you could see if an Internet site needs an update, if you should block IPs from accessing your web server, etc. In addition to the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well every time they come across a new threat that's not yet included in the commercial bundle.