ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the website visitors than any web server does, so you'll be able to monitor what is happening with your Internet sites much better than if you rely only on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it recognizes if somebody is attempting to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a certain command. In such circumstances these attempts set off the corresponding rules and the firewall software hinders the attempts instantly, and then records comprehensive information about them within its logs. ModSecurity is among the most effective software firewalls on the market and it could easily protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
ModSecurity is provided with all cloud hosting web servers, so if you choose to host your websites with our firm, they'll be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view specific logs through your Hepsia CP including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the safety of our customers' websites very seriously, we employ a selection of commercial rules that we take from one of the best companies which maintain this sort of rules. Our admins also include custom rules to ensure that your sites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Hosting
Any web app that you install within your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall is included with all our hosting solutions and is activated by default for any domain and subdomain that you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section in Hepsia where not simply could you activate or deactivate it completely, but you can also enable a passive mode, so the firewall will not block anything, but it will still maintain an archive of possible attacks. This takes simply a click and you shall be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, and so on. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually as to respond to recently discovered risks immediately.
ModSecurity in Dedicated Hosting
When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected right away since ModSecurity is supplied with all Hepsia-based plans. You'll be able to manage the firewall with ease and if necessary, you'll be able to turn it off or switch on its passive mode when it shall only maintain a log of what is occurring without taking any action to stop potential attacks. The logs which you will find within the very same section of the CP are very detailed and include information about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This info will allow you to take measures and increase the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff include every time they detect attacks that have not yet been included in the commercial pack.