ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it identifies an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the website visitors than any web server does, so you'll be able to keep an eye on what is going on with your Internet sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies if someone is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a particular command. In such instances these attempts set off the corresponding rules and the firewall program blocks the attempts right away, after that records detailed information about them inside its logs. ModSecurity is one of the best software firewalls on the market and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Cloud Web Hosting
ModSecurity is provided with all cloud web hosting
web servers, so if you decide to host your sites with our firm, they'll be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any site if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You shall be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the security of our clients' sites seriously, we employ a collection of commercial rules which we get from one of the top companies that maintain this sort of rules. Our admins also include custom rules to make sure that your Internet sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity as a standard in all semi-dedicated server
plans, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall permit you to enable or disable the firewall for any Internet site with a mouse click. You shall also have the ability to activate a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules which we use is constantly updated as to match any new threats which may appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones which our admins add if they find a threat which is not present inside the commercial list yet.
ModSecurity in Dedicated Servers
ModSecurity is offered by default with all dedicated servers
which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In the event that a web app doesn't operate properly, you could either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may occur, but will not take any action to prevent it. The logs created in passive or active mode will present you with additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, and so on. This data shall enable you to determine what actions you can take to enhance the protection of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial package from a third-party security firm we work with, but sometimes our administrators include their own rules as well if they come across a new potential threat.