ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and when it detects an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the traffic than any server does, so you'll be able to keep track of what's happening with your sites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For instance, it identifies whether someone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In these instances these attempts set off the corresponding rules and the firewall software hinders the attempts right away, after that records in-depth information about them within its logs. ModSecurity is amongst the most effective software firewalls on the market and it can protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
ModSecurity in Dedicated Servers
All of our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any program which you upload or set up will be secured from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you will see in the logs shall enable you to to secure your Internet sites better - the IP an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see if an Internet site needs an update, whether you ought to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well when they come across a new threat that's not yet in the commercial bundle.