ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the traffic than any server does, so you shall manage to monitor what is going on with your sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it detects if anyone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall hinders the attempts immediately, and then records in-depth details about them in its logs. ModSecurity is amongst the best software firewalls available and it could easily protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
ModSecurity comes by default with all cloud hosting
solutions that we offer and it will be activated automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with just a mouse click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for any of your websites shall feature elaborate information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and incorporate both commercial ones that we get from a third-party security firm and custom ones our system admins add in case that they detect a new type of attacks. This way, the websites which you host here will be a lot more protected without any action required on your end.
ModSecurity in Semi-dedicated Servers
Any web program which you set up inside your new semi-dedicated server
account will be protected by ModSecurity as the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain which you add or create via your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall won't block anything, but it'll still maintain an archive of potential attacks. This requires only a click and you shall be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, and so on. The firewall employs 2 sets of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our admins update manually as to respond to newly discovered threats as soon as possible.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers
that we offer and it shall be turned on automatically for every new domain or subdomain that you add on the server. This way, any web application you install shall be protected from the very beginning without doing anything by hand on your end. The firewall may be managed via the section of the Control Panel which has the same name. This is the place whereyou can disable ModSecurity or activate its passive mode, so it shall not take any action towards threats, but shall still maintain a comprehensive log. The recorded data is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a blend between commercial ones that we get from a security organization and custom ones which are added by our staff to maximize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. Just in case that a web app does not work adequately, you could either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which might occur, but will not take any action to stop it. The logs created in active or passive mode shall provide you with more details about the exact file which was attacked, the nature of the attack and the IP address it came from, etc. This data will enable you to determine what measures you can take to increase the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial pack from a third-party security firm we work with, but occasionally our administrators add their own rules also in the event that they identify a new potential threat.