ModSecurity
Discover what ModSecurity is, how it works and what exactly it does to protect your Internet sites and applications.
ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and if it discovers an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the website visitors than any web server does, so you'll be able to keep an eye on what's happening with your sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it recognizes whether anyone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall blocks the attempts in real time, then records detailed details about them inside its logs. ModSecurity is one of the very best software firewalls available and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
-
ModSecurity in Cloud Hosting
ModSecurity is provided with all
cloud hosting machines, so when you opt to host your Internet sites with our organization, they shall be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to activate a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the protection of our customers' sites very seriously, we employ a group of commercial rules that we get from one of the top companies that maintain such rules. Our administrators also include custom rules to make sure that your websites shall be protected against as many threats as possible.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our
semi-dedicated hosting plans and if you decide to host your sites with us, there won't be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains you add through your hosting Control Panel. If necessary, you could disable ModSecurity for a particular site or activate the so-called detection mode in which case the firewall shall still operate and record info, but won't do anything to stop possible attacks on your websites. Detailed logs will be available inside your Control Panel and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We use two types of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our administrators often add to respond to newly identified risks on time.
-
ModSecurity in VPS Hosting
All
virtual private servers which are offered with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the machine, so there shall not be anything special that you'll need to do to protect your sites. It'll take you just a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any measures to prevent intrusions. You shall be able to look at the logs generated in active or passive mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to deal with it, and so on. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity shall stop as many threats as possible, therefore improving the protection of your web applications as much as possible.
-
ModSecurity in Dedicated Web Hosting
ModSecurity comes with all
dedicated servers that are set up with our Hepsia CP and you will not have to do anything specific on your end to use it because it's activated by default every time you add a new domain or subdomain on your hosting server. If it disrupts some of your apps, you will be able to stop it via the respective area of Hepsia, or you could leave it operating in passive mode, so it will recognize attacks and will still keep a log for them, but will not block them. You can look at the logs later to determine what you can do to boost the protection of your Internet sites since you will find info such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules which we employ are commercial, hence they are constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules from time to time in order to react to any new threats they have found.