Discover what ModSecurity is, how it functions and precisely what it does so as to protect your Internet sites and apps.
ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the site visitors than any web server does, so you will be able to monitor what is happening with your websites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects if somebody is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a specific command. In these situations these attempts set off the corresponding rules and the software blocks the attempts in real time, then records detailed info about them inside its logs. ModSecurity is among the best software firewalls on the market and it can easily protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Web Hosting
ModSecurity is supplied with all web hosting
machines, so when you decide to host your sites with our business, they will be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the safety of our clients' Internet sites seriously, we use a collection of commercial rules that we take from one of the best companies that maintain this sort of rules. Our administrators also include custom rules to make certain that your websites shall be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
packages and if you choose to host your websites with our company, there will not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains you add using your hosting Control Panel. If required, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still operate and record information, but shall not do anything to prevent potential attacks on your sites. Detailed logs shall be available in your Control Panel and you'll be able to see what sort of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones which our administrators often include to respond to newly found risks promptly.
ModSecurity in VPS Servers
All VPS servers
that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the web server, so there will not be anything special which you shall have to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any steps to stop intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to deal with it, etc. We employ a combination of commercial and custom rules in order to make sure that ModSecurity shall stop as many risks as possible, consequently enhancing the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is offered by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In the event that a web app does not work correctly, you could either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that may happen, but will not take any action to stop it. The logs generated in passive or active mode shall give you more details about the exact file that was attacked, the nature of the attack and the IP it came from, etcetera. This information will enable you to determine what steps you can take to enhance the security of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial pack from a third-party security enterprise we work with, but oftentimes our admins add their own rules also if they come across a new potential threat.