Learn what ModSecurity is, how it functions and precisely what it does to protect your web sites and applications.
ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the traffic than any server does, so you will be able to keep track of what's going on with your sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies if someone is attempting to log in to the admin area of a certain script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, and then records comprehensive details about them inside its logs. ModSecurity is amongst the best software firewalls on the market and it can protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Shared Hosting
ModSecurity comes by default with all shared hosting
solutions which we provide and it shall be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you can activate and disable it with just a click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites will include elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are frequently updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system admins add in the event that they detect a new type of attacks. This way, the Internet sites that you host here shall be much more protected with no action needed on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
plans that we offer come with ModSecurity and because the firewall is enabled by default, any site you set up under a domain or a subdomain will be protected immediately. An independent section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to stop and start the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity will not take any action, but it will still identify possible attacks and shall keep all data within a log as if it were 100% active. The logs can be found within the exact same section of the Control Panel and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we employ on our machines are a mix between commercial ones from a security business and custom ones created by our system admins. Consequently, we offer increased security for your web programs as we can shield them from attacks even before security corporations release updates for completely new threats.
ModSecurity in VPS Hosting
ModSecurity is included with all Hepsia-based virtual private servers
that we offer and it'll be activated automatically for every new domain or subdomain you include on the machine. This way, any web application that you install shall be secured right away without doing anything personally on your end. The firewall can be handled through the section of the CP that bears the same name. This is the place in whichyou could turn off ModSecurity or let its passive mode, so it won't take any action against threats, but shall still maintain a detailed log. The recorded data is available inside the same section as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a mixture between commercial ones which we get from a security organization and custom ones that are included by our admins to enhance the protection of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
When you opt to host your Internet sites on a dedicated server
with the Hepsia Control Panel, your web applications will be protected immediately since ModSecurity is supplied with all Hepsia-based solutions. You'll be able to control the firewall effortlessly and if necessary, you'll be able to turn it off or enable its passive mode when it shall only keep a log of what is going on without taking any action to stop potential attacks. The logs which you will find in the very same section of the CP are extremely detailed and contain information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etc. This data shall permit you to take measures and boost the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff add when they recognize attacks which have not yet been included inside the commercial pack.