Find out what ModSecurity is really, how it operates and exactly what it does to protect your sites and web apps.
ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and in case it detects an intrusion attempt, it prevents it. The firewall also maintains a more detailed log for the website visitors than any server does, so you'll be able to keep track of what is going on with your sites much better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it detects if somebody is trying to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a certain command. In these cases these attempts set off the corresponding rules and the firewall hinders the attempts in real time, and then records comprehensive information about them within its logs. ModSecurity is one of the very best software firewalls available and it can protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Shared Web Hosting
We offer ModSecurity with all shared web hosting
plans, so your web apps will be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll find within Hepsia are very detailed and offer data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etc. We employ a group of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers
which are set up with the Hepsia hosting CP, so your web apps shall be secured from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to deactivate it with a mouse click through the corresponding section of Hepsia. You may also set it to work in detection mode, so it shall maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available within the exact same section and offer information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones which our administrators include personally so as to react to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers Hosting
ModSecurity is provided by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In the event that a web application doesn't function correctly, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack which may happen, but will not take any action to stop it. The logs generated in passive or active mode will give you additional details about the exact file that was attacked, the form of the attack and the IP it came from, etcetera. This info will enable you to choose what measures you can take to boost the protection of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated often with a commercial bundle from a third-party security company we work with, but oftentimes our administrators include their own rules too in the event that they find a new potential threat.