ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it discovers an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the traffic than any web server does, so you will be able to monitor what's happening with your Internet sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it detects whether somebody is trying to log in to the admin area of a certain script several times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall blocks the attempts immediately, and then records in-depth info about them inside its logs. ModSecurity is amongst the very best software firewalls available and it can protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
ModSecurity is provided with all cloud hosting servers, so when you decide to host your Internet sites with our firm, they'll be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view detailed logs through your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the safety of our customers' Internet sites seriously, we employ a collection of commercial rules which we get from one of the leading companies which maintain such rules. Our administrators also include custom rules to ensure that your Internet sites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer come with ModSecurity and since the firewall is enabled by default, any site which you set up under a domain or a subdomain shall be secured straight away. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any site or switch on a detection mode. With the latter, ModSecurity will not take any action, but it will still recognize possible attacks and shall keep all data in a log as if it were 100% active. The logs could be found inside the same section of the Control Panel and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we employ on our web servers are a mix between commercial ones from a security company and custom ones developed by our system admins. Consequently, we provide increased security for your web programs as we can shield them from attacks before security companies release updates for new threats.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers which we offer and it'll be activated automatically for any new domain or subdomain you include on the web server. This way, any web application which you install shall be secured from the very beginning without doing anything by hand on your end. The firewall may be managed from the section of the CP which has the same name. This is the location whereyou could switch off ModSecurity or enable its passive mode, so it will not take any action against threats, but shall still maintain a thorough log. The recorded information is available in the same area as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we employ on our servers are a combination between commercial ones that we get from a security organization and custom ones which are included by our admins to enhance the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
If you opt to host your websites on a dedicated server with the Hepsia CP, your web apps shall be protected immediately as ModSecurity is provided with all Hepsia-based plans. You'll be able to manage the firewall with ease and if needed, you shall be able to turn it off or activate its passive mode when it will only keep a log of what's taking place without taking any action to stop possible attacks. The logs which you'll find inside the exact same section of the CP are extremely detailed and feature information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This info will enable you to take measures and boost the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff add every time they identify attacks which have not yet been included within the commercial pack.