ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and in case it identifies an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you shall manage to monitor what's happening with your sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies whether anyone is attempting to log in to the admin area of a given script several times or if a request is sent to execute a file with a specific command. In such instances these attempts trigger the corresponding rules and the firewall hinders the attempts right away, after that records in-depth details about them within its logs. ModSecurity is one of the very best software firewalls available and it can protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins often.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting plans, so your web applications shall be resistant to destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it through the respective section of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find in Hepsia are incredibly detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so forth. We employ a range of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to better protect the websites hosted on our machines.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web programs will be secured from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can disable it with a mouse click through the corresponding section of Hepsia. You can also set it to operate in detection mode, so it'll keep a detailed log of any possible attacks without taking any action to prevent them. The logs are available in the same section and offer info about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For maximum security, we use not just commercial rules from a business operating in the field of web security, but also custom ones which our administrators add personally so as to react to new threats which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers Hosting
ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is switched on by default each time you include a new domain or subdomain on your hosting server. In case it interferes with some of your programs, you'll be able to stop it through the respective section of Hepsia, or you can leave it operating in passive mode, so it will identify attacks and shall still keep a log for them, but won't block them. You'll be able to examine the logs later to find out what you can do to enhance the security of your sites as you shall find details such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules that we employ are commercial, therefore they're constantly updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then as to deal with any new threats they have identified.