ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and when it discovers an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the site visitors than any server does, so you'll be able to monitor what is going on with your Internet sites better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For example, it detects if somebody is attempting to log in to the admin area of a specific script several times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall program hinders the attempts instantly, after that records in-depth information about them inside its logs. ModSecurity is amongst the best software firewalls available and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Web Hosting
We provide ModSecurity with all cloud web hosting solutions, so your Internet applications will be resistant to harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll discover within Hepsia are extremely detailed and include info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etcetera. We employ a group of commercial rules which are often updated, but sometimes our administrators include custom rules as well in order to efficiently protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions that we offer feature ModSecurity and given that the firewall is enabled by default, any site you build under a domain or a subdomain shall be secured immediately. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it shall still recognize possible attacks and shall keep all data inside a log as if it were 100% active. The logs could be found inside the very same section of the CP and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules which we employ on our machines are a mix between commercial ones from a security firm and custom ones developed by our system admins. For that reason, we provide higher security for your web programs as we can defend them from attacks before security corporations release updates for brand new threats.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web applications will be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you could deactivate it with a mouse click from the corresponding section of Hepsia. You may also set it to work in detection mode, so it will keep an extensive log of any potential attacks without taking any action to prevent them. The logs are available in the exact same section and offer info about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not only commercial rules from a firm operating in the field of web security, but also custom ones which our administrators add personally in order to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you will not need to do anything specific on your end to use it as it's enabled by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with some of your programs, you'll be able to stop it via the respective section of Hepsia, or you may leave it in passive mode, so it shall identify attacks and will still keep a log for them, but will not prevent them. You can analyze the logs later to learn what you can do to boost the safety of your websites as you'll find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, etc. The rules which we use are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our admins also include custom rules every now and then as to deal with any new threats they have identified.