Find out what ModSecurity is, the way it works and just what it does to defend your sites and web apps.
ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and when it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more detailed log for the website visitors than any server does, so you shall manage to keep an eye on what's happening with your Internet sites better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it identifies if somebody is trying to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall blocks the attempts immediately, and then records comprehensive info about them inside its logs. ModSecurity is amongst the very best software firewalls out there and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
ModSecurity is supplied with all cloud hosting
web servers, so when you choose to host your sites with our business, they shall be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any website if required, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view detailed logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the safety of our clients' Internet sites seriously, we employ a selection of commercial rules that we take from one of the best firms that maintain this kind of rules. Our administrators also include custom rules to make sure that your Internet sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web program which you set up within your new semi-dedicated server
account shall be protected by ModSecurity as the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall shall not block anything, but it will still keep an archive of possible attacks. This takes only a mouse click and you will be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally in order to respond to recently discovered threats at the earliest opportunity.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
we offer and it'll be activated automatically for every new domain or subdomain you include on the hosting server. In this way, any web application that you install will be protected right from the start without doing anything personally on your end. The firewall may be managed via the section of the Control Panel that bears the same name. This is the place in whichyou'll be able to disable ModSecurity or enable its passive mode, so it won't take any action toward threats, but shall still keep a thorough log. The recorded data is available in the same area as well and you shall be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones that we get from a security organization and custom ones which are included by our staff to maximize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is offered by default with all dedicated servers
which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. Just in case that a web app doesn't function adequately, you can either turn off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that could happen, but will not take any action to stop it. The logs generated in passive or active mode shall provide you with additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, etcetera. This info shall allow you to determine what actions you can take to improve the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial bundle from a third-party security enterprise we work with, but from time to time our staff include their own rules also if they discover a new potential threat.