Find out what ModSecurity is, how it works and what precisely it can do to protect your web sites and web applications.
ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the website visitors than any server does, so you will manage to keep an eye on what's going on with your Internet sites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies whether anyone is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, after that records comprehensive details about them in its logs. ModSecurity is amongst the most effective software firewalls available and it could easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Cloud Website Hosting
ModSecurity comes standard with all cloud website hosting
plans that we offer and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with just a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your websites shall include in-depth information including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and include both commercial ones which we get from a third-party security firm and custom ones that our system administrators add in case that they detect a new type of attacks. In this way, the sites which you host here will be far more secure with no action expected on your end.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting
packages and if you decide to host your sites with our company, there won't be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains that you include using your hosting CP. If necessary, you can disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall shall still function and record info, but shall not do anything to prevent potential attacks on your sites. Thorough logs shall be accessible inside your CP and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, etc. We use 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones which our admins sometimes include to respond to newly discovered risks in a timely manner.
ModSecurity in VPS
All virtual private servers
which are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special that you shall have to do to protect your Internet sites. It will take you only a click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to view the logs produced in active or passive mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We use a mix of commercial and custom rules in order to make sure that ModSecurity will stop as many threats as possible, thus boosting the protection of your web programs as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity is included with all dedicated servers
that are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is activated by default every time you add a new domain or subdomain on your server. In the event that it interferes with some of your applications, you'll be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it'll recognize attacks and shall still maintain a log for them, but won't prevent them. You'll be able to analyze the logs later to learn what you can do to enhance the security of your sites as you will find info such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules that we employ are commercial, therefore they are frequently updated by a security company, but to be on the safe side, our administrators also include custom rules every now and then in order to respond to any new threats they have discovered.