ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and if it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the traffic than any web server does, so you will manage to keep track of what's happening with your sites much better than if you rely only on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it detects if someone is attempting to log in to the admin area of a certain script several times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, and then records detailed information about them within its logs. ModSecurity is among the very best software firewalls on the market and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
ModSecurity is supplied with all cloud hosting machines, so if you decide to host your Internet sites with our firm, they'll be protected against a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You shall be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our clients' sites very seriously, we employ a group of commercial rules that we take from one of the leading firms that maintain this kind of rules. Our administrators also add custom rules to ensure that your Internet sites shall be protected against as many threats as possible.
ModSecurity in Semi-dedicated Hosting
Any web app which you install inside your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not simply could you activate or deactivate it completely, but you may also activate a passive mode, so the firewall shall not stop anything, but it'll still maintain an archive of potential attacks. This normally requires just a click and you will be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually as to respond to recently discovered risks immediately.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web apps shall be secured from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a mouse click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to stop them. The logs are available in the exact same section and provide details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not just commercial rules from a company working in the field of web security, but also custom ones that our administrators add personally so as to respond to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers Hosting
All of our dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any program you upload or set up shall be secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll find in the logs can easily allow you to to secure your Internet sites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this data, you'll be able to see if a site needs an update, whether you need to block IPs from accessing your server, etcetera. Besides the third-party commercial security rules for ModSecurity that we use, our admins include custom ones too every time they find a new threat which is not yet a part of the commercial bundle.