ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the website visitors than any server does, so you will be able to keep an eye on what is happening with your Internet sites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies whether somebody is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a certain command. In these instances these attempts trigger the corresponding rules and the firewall hinders the attempts in real time, and then records in-depth details about them in its logs. ModSecurity is amongst the very best software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all cloud website hosting solutions, so your web apps will be resistant to malicious attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll find in Hepsia are incredibly detailed and include information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so on. We use a range of commercial rules that are constantly updated, but sometimes our admins include custom rules as well in order to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity as a standard inside all semi-dedicated hosting packages, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a mouse click. You shall also be able to activate a passive detection mode through which ModSecurity will maintain a log of possible attacks without actually stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack generated, where it came from, etc. The list of rules that we use is frequently updated in order to match any new threats that may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our administrators add in case they discover a threat which is not present within the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. Just in case that a web app doesn't operate adequately, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack that may happen, but won't take any action to prevent it. The logs produced in passive or active mode shall offer you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, etc. This information shall permit you to decide what actions you can take to enhance the protection of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial package from a third-party security firm we work with, but oftentimes our staff include their own rules too when they find a new potential threat.