ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and when it discovers an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the traffic than any server does, so you will be able to monitor what's going on with your sites a lot better than if you rely only on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies if someone is attempting to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the firewall program blocks the attempts immediately, after that records detailed information about them in its logs. ModSecurity is amongst the most effective software firewalls out there and it could easily protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.
ModSecurity in Cloud Hosting
ModSecurity is provided with all cloud hosting machines, so when you decide to host your websites with our company, they will be resistant to an array of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if required, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the safety of our clients' sites seriously, we employ a group of commercial rules that we get from one of the top companies that maintain this type of rules. Our admins also include custom rules to make certain that your sites shall be shielded from as many risks as possible.
ModSecurity in Dedicated Servers
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. Just in case that a web app does not work properly, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack that might happen, but shall not take any action to stop it. The logs created in active or passive mode will present you with additional details about the exact file that was attacked, the nature of the attack and the IP it came from, etcetera. This data will enable you to decide what steps you can take to boost the security of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial bundle from a third-party security firm we work with, but from time to time our administrators include their own rules too when they identify a new potential threat.