Find out how having ModSecurity activated in your hosting account will help silently with your web site protection.
ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the website visitors than any web server does, so you'll manage to keep track of what is happening with your websites much better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes whether somebody is trying to log in to the administration area of a certain script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records in-depth details about them within its logs. ModSecurity is one of the most effective software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Cloud Hosting
ModSecurity is available on all cloud hosting
web servers, so if you decide to host your websites with our company, they shall be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You shall be able to view specific logs from your Hepsia CP including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the safety of our customers' Internet sites very seriously, we use a group of commercial rules which we get from one of the top firms that maintain this sort of rules. Our administrators also include custom rules to make sure that your sites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Hosting
Any web program that you install within your new semi-dedicated hosting
account will be protected by ModSecurity as the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall will not stop anything, but it will still maintain an archive of possible attacks. This takes just a click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall employs two groups of rules on our servers - a commercial one that we get from a third-party web security company and a custom one that our admins update personally as to respond to newly discovered risks as soon as possible.
ModSecurity in VPS Hosting
ModSecurity comes with all Hepsia-based virtual private servers
that we offer and it will be switched on automatically for any new domain or subdomain that you include on the web server. That way, any web app you install will be protected right away without doing anything manually on your end. The firewall can be managed through the section of the CP that bears the same name. This is the location whereyou could disable ModSecurity or enable its passive mode, so it shall not take any action toward threats, but will still maintain a detailed log. The recorded data is available within the same section as well and you'll be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a mixture between commercial ones which we obtain from a security organization and custom ones which are added by our admins to maximize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Web Hosting
All our dedicated servers
that are set up with the Hepsia hosting CP include ModSecurity, so any program you upload or set up will be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will find in the logs can easily enable you to to secure your websites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this info, you'll be able to see whether a site needs an update, if you need to block IPs from accessing your server, etcetera. On top of the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well every time they discover a new threat which is not yet in the commercial bundle.