ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more comprehensive log for the website visitors than any web server does, so you'll be able to keep an eye on what is going on with your sites better than if you rely only on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it detects if anyone is trying to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a certain command. In these circumstances these attempts set off the corresponding rules and the firewall software hinders the attempts right away, and then records comprehensive details about them in its logs. ModSecurity is one of the most effective software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting plans, so your Internet apps will be shielded from destructive attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will discover within Hepsia are incredibly detailed and include data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etc. We employ a range of commercial rules which are frequently updated, but sometimes our administrators add custom rules as well in order to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server plans and if you opt to host your sites with our company, there will not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains you include through your hosting Control Panel. If required, you'll be able to disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to prevent possible attacks on your sites. Thorough logs shall be readily available within your CP and you will be able to see what sort of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We use 2 sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones that our admins sometimes add to respond to newly discovered threats on time.
ModSecurity in VPS Servers
Safety is essential to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not need to do anything personally. You'll also be able to disable it or turn on the so-called detection mode, so it will maintain a log of potential attacks which you can later examine, but won't prevent them. The logs in both passive and active modes contain information regarding the form of the attack and how it was prevented, what IP it originated from and other useful data that might help you to tighten the security of your websites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules as occasionally we identify specific attacks that aren't yet present inside the commercial package. That way, we could improve the security of your VPS right away instead of awaiting an official update.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you will not need to do anything specific on your end to use it as it is switched on by default whenever you add a new domain or subdomain on your server. If it interferes with some of your programs, you'll be able to stop it through the respective part of Hepsia, or you could leave it working in passive mode, so it'll detect attacks and will still keep a log for them, but shall not prevent them. You'll be able to analyze the logs later to determine what you can do to increase the safety of your websites since you will find information such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, etcetera. The rules which we use are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our admins also include custom rules from time to time as to respond to any new threats they have identified.