Discover what ModSecurity is, how it works and what actually it will do to protect your sites and web apps.
ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the site visitors than any server does, so you shall be able to keep an eye on what's going on with your websites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it recognizes if anyone is attempting to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts instantly, after that records comprehensive info about them within its logs. ModSecurity is among the most effective software firewalls out there and it can protect your web apps against many threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
ModSecurity in Shared Website Hosting
ModSecurity comes standard with all shared website hosting
plans which we supply and it shall be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and disable it with a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites shall contain comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are regularly updated and incorporate both commercial ones that we get from a third-party security business and custom ones our system admins add in case that they detect a new type of attacks. In this way, the websites that you host here shall be far more secure with no action needed on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
packages that we offer include ModSecurity and because the firewall is switched on by default, any site you create under a domain or a subdomain shall be secured immediately. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any Internet site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it'll still identify possible attacks and will keep all info within a log as if it were completely active. The logs can be found inside the very same section of the Control Panel and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we employ on our machines are a mix of commercial ones from a security company and custom ones developed by our system admins. For that reason, we provide increased security for your web programs as we can shield them from attacks even before security businesses release updates for new threats.
ModSecurity in Dedicated Web Hosting
When you decide to host your sites on a dedicated server
with the Hepsia CP, your web programs will be protected straight away as ModSecurity is provided with all Hepsia-based plans. You shall be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or switch on its passive mode when it shall only maintain a log of what's taking place without taking any action to prevent possible attacks. The logs which you can find within the same section of the CP are really detailed and feature info about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This information will permit you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff include when they identify attacks that have not yet been included in the commercial pack.