Learn what ModSecurity is in fact, the way it works and precisely what it can do to guard your sites and applications.
ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and if it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the traffic than any server does, so you will be able to keep an eye on what is happening with your sites better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies whether someone is attempting to log in to the administration area of a particular script several times or if a request is sent to execute a file with a particular command. In these instances these attempts set off the corresponding rules and the firewall program hinders the attempts in real time, then records detailed details about them within its logs. ModSecurity is amongst the best software firewalls available and it can protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Web Hosting
ModSecurity is provided with all cloud web hosting
web servers, so if you opt to host your Internet sites with our firm, they'll be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You will be able to stop ModSecurity for any site if needed, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs from your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our customers' websites seriously, we use a selection of commercial rules which we get from one of the top firms that maintain such rules. Our administrators also add custom rules to make certain that your Internet sites will be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web program which you install in your new semi-dedicated server
account shall be protected by ModSecurity since the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain which you add or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section in Hepsia where not only could you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall will not block anything, but it shall still keep an archive of potential attacks. This requires only a mouse click and you will be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so on. The firewall employs 2 sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our administrators update personally in order to respond to newly discovered threats as quickly as possible.
ModSecurity in VPS Servers
Safety is vital to us, so we set up ModSecurity on all VPS servers
that are provided with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it'll maintain a log of potential attacks which you can later analyze, but shall not prevent them. The logs in both passive and active modes include information regarding the kind of the attack and how it was stopped, what IP it came from and other useful data which might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules we get for ModSecurity from a third-party security enterprise, we also employ our own rules since occasionally we find specific attacks which are not yet present in the commercial pack. This way, we could boost the protection of your Virtual private server instantly instead of waiting for a certified update.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers
that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the hosting server. In case that a web application does not function correctly, you can either turn off the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any possible attack that could occur, but shall not take any action to prevent it. The logs created in active or passive mode shall present you with more details about the exact file which was attacked, the type of the attack and the IP it originated from, and so forth. This information will permit you to determine what actions you can take to improve the safety of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated frequently with a commercial package from a third-party security company we work with, but occasionally our administrators add their own rules too in the event that they discover a new potential threat.