ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and when it detects an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the traffic than any server does, so you will be able to monitor what is going on with your websites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies whether somebody is trying to log in to the admin area of a specific script several times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall program hinders the attempts in real time, then records in-depth details about them in its logs. ModSecurity is amongst the best software firewalls on the market and it can easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Cloud Hosting
ModSecurity comes by default with all cloud hosting plans that we offer and it'll be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites shall contain detailed information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and incorporate both commercial ones which we get from a third-party security company and custom ones that our system administrators add in the event that they detect a new sort of attacks. In this way, the sites which you host here shall be much more protected with no action expected on your end.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity by default within all semi-dedicated hosting products, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to activate or disable the firewall for any site with a mouse click. You will also have the ability to switch on a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack activated, where it came from, and so forth. The list of rules which we employ is regularly updated as to match any new risks that may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our administrators add in case they find a threat that is not present inside the commercial list yet.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In the event that a web application does not operate properly, you can either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack that could occur, but will not take any action to prevent it. The logs created in passive or active mode shall present you with additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, and so forth. This info will permit you to determine what measures you can take to improve the protection of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial package from a third-party security enterprise we work with, but sometimes our admins add their own rules as well if they identify a new potential threat.