ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and when it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the website visitors than any web server does, so you will be able to keep track of what is happening with your websites a lot better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies whether anyone is trying to log in to the administrator area of a specific script several times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts in real time, then records in-depth information about them in its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Cloud Website Hosting
ModSecurity comes by default with all cloud website hosting packages which we offer and it will be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall feature in-depth info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and comprise of both commercial ones that we get from a third-party security company and custom ones our system admins add in the event that they detect a new sort of attacks. That way, the sites that you host here shall be far more secure without any action needed on your end.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting packages and if you opt to host your Internet sites with us, there won't be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains that you include using your hosting CP. If necessary, you could disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall shall still operate and record data, but will not do anything to prevent possible attacks against your websites. Thorough logs shall be readily available inside your Control Panel and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so forth. We employ 2 kinds of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones that our administrators often include to respond to newly discovered risks in a timely manner.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web apps will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you could deactivate it with a mouse click from the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and include details about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For best security, we use not only commercial rules from a business working in the field of web security, but also custom ones which our admins include manually so as to respond to new threats which are still not tackled in the commercial rules.
ModSecurity in Dedicated Web Hosting
If you opt to host your sites on a dedicated server with the Hepsia CP, your web applications will be protected right away as ModSecurity is available with all Hepsia-based packages. You will be able to regulate the firewall easily and if required, you'll be able to turn it off or enable its passive mode when it'll only keep a log of what is going on without taking any action to stop potential attacks. The logs that you'll find in the very same section of the CP are extremely detailed and feature data about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data shall permit you to take measures and improve the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators add whenever they recognize attacks that have not yet been included in the commercial pack.