ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any web server does, so you shall be able to keep track of what is going on with your Internet sites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it detects if anyone is trying to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the software blocks the attempts immediately, then records detailed info about them in its logs. ModSecurity is amongst the most effective software firewalls available and it can easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting packages, so your Internet applications will be protected against destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you would like, you will be able to stop it via the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall discover inside Hepsia are quite detailed and feature info about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etc. We use a group of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We've included ModSecurity by default inside all semi-dedicated hosting packages, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will permit you to enable or turn off the firewall for any website with a click. You shall also have the ability to switch on a passive detection mode in which ModSecurity shall keep a log of possible attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules which we employ is frequently updated as to match any new threats which might appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our administrators include if they find a threat which is not present within the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. Just in case that a web application doesn't operate properly, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any potential attack which might take place, but will not take any action to stop it. The logs created in active or passive mode will provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it came from, etcetera. This information will enable you to determine what steps you can take to increase the protection of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial package from a third-party security provider we work with, but sometimes our administrators include their own rules also when they identify a new potential threat.