Discover what ModSecurity is, how it works and just what it does so as to protect your web sites and apps.
ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and when it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the site visitors than any server does, so you shall be able to monitor what is going on with your websites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies if anyone is trying to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a certain command. In these cases these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, and then records comprehensive information about them in its logs. ModSecurity is among the very best software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins often.
ModSecurity in Shared Website Hosting
ModSecurity is offered with each and every shared website hosting
solution which we provide and it's activated by default for any domain or subdomain which you include through your Hepsia Control Panel. In the event that it interferes with any of your apps or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a click. You could also use a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You can see comprehensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max safety of our clients we use a collection of commercial firewall rules mixed with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
plans and if you opt to host your websites with our company, there won't be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains which you include using your hosting Control Panel. If required, you could disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall shall still work and record information, but shall not do anything to stop possible attacks on your Internet sites. Detailed logs shall be accessible inside your Control Panel and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so on. We use 2 kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones that our admins occasionally add to respond to newly identified risks in a timely manner.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
that are set up with the Hepsia hosting Control Panel, so your web programs shall be protected from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you'll be able to disable it with a click from the corresponding section of Hepsia. You can also set it to work in detection mode, so it will maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found in the exact same section and include info about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For best security, we employ not just commercial rules from a business working in the field of web security, but also custom ones our admins include personally so as to respond to new threats that are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers
that are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it because it is enabled by default each time you add a new domain or subdomain on your hosting server. In case it disrupts any of your apps, you'll be able to stop it through the respective part of Hepsia, or you can leave it working in passive mode, so it shall recognize attacks and will still keep a log for them, but won't stop them. You could examine the logs later to find out what you can do to increase the security of your Internet sites as you'll find info such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules which we use are commercial, thus they're constantly updated by a security provider, but to be on the safe side, our admins also include custom rules occasionally in order to deal with any new threats they have found.