Learn what ModSecurity is, what it does and just what exactly it will do to defend your websites and web apps.
ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it identifies an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the website visitors than any server does, so you will be able to keep track of what's happening with your websites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies whether somebody is trying to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the software hinders the attempts right away, and then records in-depth information about them inside its logs. ModSecurity is amongst the best software firewalls on the market and it could easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting
packages which we offer and it'll be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with simply a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your sites will feature elaborate info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are frequently updated and incorporate both commercial ones we get from a third-party security company and custom ones which our system admins add in case that they detect a new kind of attacks. That way, the Internet sites that you host here shall be much more protected with no action required on your end.
ModSecurity in VPS Servers
Security is essential to us, so we install ModSecurity on all VPS servers
that are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not have to do anything personally. You'll also be able to deactivate it or activate the so-called detection mode, so it shall maintain a log of potential attacks which you can later analyze, but won't prevent them. The logs in both passive and active modes include details about the form of the attack and how it was stopped, what IP it came from and other valuable data which might help you to tighten the security of your websites by updating them or blocking IPs, for example. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules since once in a while we detect specific attacks that aren't yet present in the commercial group. That way, we could enhance the security of your VPS immediately rather than awaiting an official update.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers
which are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it because it is activated by default each time you add a new domain or subdomain on your server. In case it disrupts any of your applications, you will be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it'll identify attacks and shall still maintain a log for them, but won't prevent them. You can look at the logs later to determine what you can do to enhance the safety of your sites as you shall find details such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, etcetera. The rules we employ are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our staff also add custom rules once in a while as to deal with any new threats they have found.