Find out what ModSecurity is, how it functions and just what it does in order to protect your Internet sites and apps.
ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and if it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the traffic than any server does, so you'll be able to keep an eye on what is going on with your Internet sites much better than if you rely merely on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it detects whether somebody is attempting to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these circumstances these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, then records in-depth info about them within its logs. ModSecurity is amongst the very best software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
ModSecurity is available on all cloud hosting
servers, so if you opt to host your Internet sites with our business, they will be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the safety of our customers' websites very seriously, we use a set of commercial rules which we get from one of the leading companies that maintain this type of rules. Our administrators also include custom rules to ensure that your sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting
plans and if you choose to host your Internet sites with our company, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains which you add using your hosting CP. If required, you could disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall shall still function and record data, but will not do anything to prevent potential attacks on your sites. Comprehensive logs shall be readily available inside your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etc. We use 2 types of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones which our administrators sometimes include to respond to newly identified threats on time.
ModSecurity in VPS
All virtual private servers
that are set up with the Hepsia CP include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the machine, so there will not be anything special that you shall have to do to protect your websites. It shall take you a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any steps to prevent intrusions. You shall be able to see the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to handle it, and so on. We use a mixture of commercial and custom rules so as to ensure that ModSecurity will stop as many threats as possible, hence enhancing the security of your web applications as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity is offered by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In the event that a web app doesn't work adequately, you could either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which may occur, but shall not take any action to prevent it. The logs produced in active or passive mode shall present you with additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, etcetera. This info shall permit you to choose what actions you can take to improve the security of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial pack from a third-party security company we work with, but occasionally our admins include their own rules also when they discover a new potential threat.