Discover what ModSecurity is, the way it works and what precisely it can do to shield your websites and web apps.
ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to stop attacks towards script-driven Internet sites by employing security rules which contain certain expressions. That way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated regularly. For instance, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the minute it discovers them. The firewall is very efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore maintains a very comprehensive log of all attack attempts which contains more information than typical Apache logs, so you can later check out the data and take further measures to improve the security of your Internet sites if required.
ModSecurity in Cloud Web Hosting
We provide ModSecurity with all cloud web hosting
solutions, so your Internet apps shall be protected against destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you will discover in Hepsia are extremely detailed and offer info about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etcetera. We use a group of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web app you set up within your new semi-dedicated hosting
account will be protected by ModSecurity as the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain that you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it entirely, but you can also switch on a passive mode, so the firewall will not stop anything, but it'll still keep a record of potential attacks. This normally requires only a mouse click and you will be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall employs 2 sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update personally as to respond to newly discovered threats at the earliest opportunity.
ModSecurity in VPS Web Hosting
Security is of the utmost importance to us, so we install ModSecurity on all virtual private servers
which are made available with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you add a new domain or create a subdomain, so you'll not need to do anything manually. You'll also be able to disable it or activate the so-called detection mode, so it'll maintain a log of potential attacks that you can later analyze, but won't prevent them. The logs in both passive and active modes contain details about the type of the attack and how it was prevented, what IP it originated from and other important info which may help you to tighten the security of your sites by updating them or blocking IPs, for instance. In addition to the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules because every now and then we identify specific attacks which are not yet present in the commercial package. That way, we can easily boost the protection of your VPS instantly rather than awaiting an official update.
ModSecurity in Dedicated Servers Hosting
All of our dedicated servers
which are set up with the Hepsia hosting CP include ModSecurity, so any app that you upload or set up shall be protected from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will find in the logs shall help you to secure your sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you could see if an Internet site needs an update, if you should block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too if they find a new threat which is not yet included in the commercial bundle.