ModSecurity
Discover what ModSecurity is really, how it operates and precisely what it does to defend your sites and apps.
ModSecurity is an effective firewall for Apache web servers that's employed to stop attacks against web apps. It monitors the HTTP traffic to a particular site in real time and prevents any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do this - for instance, trying to log in to a script admin area without success a few times triggers one rule, sending a request to execute a certain file that could result in gaining access to the website triggers another rule, and so forth. ModSecurity is one of the best firewalls on the market and it'll secure even scripts that are not updated frequently because it can prevent attackers from employing known exploits and security holes. Quite detailed information about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs provided by the Apache server, so you could later analyze them and determine if you need to take additional measures so as to improve the safety of your script-driven websites.
-
ModSecurity in Shared Web Hosting
ModSecurity is available on all
shared web hosting web servers, so if you decide to host your websites with our firm, they'll be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You will be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our customers' websites very seriously, we employ a selection of commercial rules which we get from one of the best firms that maintain this kind of rules. Our administrators also include custom rules to make certain that your Internet sites will be protected against as many threats as possible.
-
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity by default within all
semi-dedicated server plans, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to switch on or disable the firewall for any site with a mouse click. You shall also be able to turn on a passive detection mode through which ModSecurity shall keep a log of possible attacks without really preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so on. The list of rules which we use is frequently updated as to match any new threats that could appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our administrators include in the event that they find a threat which is not present inside the commercial list yet.
-
ModSecurity in VPS Servers
Protection is extremely important to us, so we set up ModSecurity on all
VPS servers which are set up with the Hepsia CP by default. The firewall could be managed via a dedicated section inside Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not need to do anything manually. You'll also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of possible attacks which you can later examine, but will not block them. The logs in both passive and active modes include information about the type of the attack and how it was eliminated, what IP it came from and other important info that may help you to tighten the security of your sites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules as once in a while we discover specific attacks that are not yet present in the commercial pack. That way, we can improve the protection of your Virtual private server right away as opposed to waiting for an official update.
-
ModSecurity in Dedicated Servers
ModSecurity comes with all
dedicated servers that are set up with our Hepsia CP and you won't have to do anything specific on your end to employ it since it's enabled by default every time you include a new domain or subdomain on your web server. In the event that it disrupts some of your programs, you'll be able to stop it via the respective section of Hepsia, or you may leave it operating in passive mode, so it shall recognize attacks and will still maintain a log for them, but shall not block them. You could look at the logs later to learn what you can do to boost the security of your Internet sites as you will find details such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, etc. The rules that we use are commercial, thus they are frequently updated by a security provider, but to be on the safe side, our admins also add custom rules once in a while in order to deal with any new threats they have discovered.