Discover what ModSecurity is, how it functions and precisely what it does so as to protect your sites and applications.
ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and when it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the website visitors than any web server does, so you will manage to keep an eye on what is going on with your Internet sites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes whether anyone is attempting to log in to the admin area of a given script several times or if a request is sent to execute a file with a certain command. In such cases these attempts trigger the corresponding rules and the software blocks the attempts right away, after that records in-depth information about them inside its logs. ModSecurity is amongst the best software firewalls available and it can protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.
ModSecurity in Web Hosting
ModSecurity is supplied with all web hosting
servers, so if you decide to host your websites with our company, they will be resistant to a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs using your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the security of our clients' websites seriously, we use a group of commercial rules that we get from one of the best companies which maintain such rules. Our admins also add custom rules to make certain that your sites shall be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
packages and if you choose to host your sites with us, there won't be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you include via your hosting CP. If necessary, you could disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall shall still function and record information, but shall not do anything to stop possible attacks on your sites. In depth logs shall be accessible in your CP and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etc. We use two sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our administrators occasionally add to respond to newly discovered risks on time.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
that are offered with the Hepsia hosting CP, so your web applications shall be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you could deactivate it with a mouse click from the corresponding section of Hepsia. You may also set it to work in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs can be found within the same section and include information about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we employ not simply commercial rules from a business operating in the field of web security, but also custom ones which our admins include manually so as to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers
which are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it as it's turned on by default every time you include a new domain or subdomain on your web server. In the event that it disrupts any of your apps, you'll be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it will identify attacks and will still keep a log for them, but shall not prevent them. You can examine the logs later to determine what you can do to increase the protection of your sites as you will find details such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity reacted, etc. The rules which we employ are commercial, therefore they are regularly updated by a security firm, but to be on the safe side, our staff also add custom rules once in a while in order to deal with any new threats they have discovered.