ModSecurity
Find out what ModSecurity is, how it works and just what it does to protect your sites and applications.
ModSecurity is an effective firewall for Apache web servers which is employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a specific website in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a particular file which could result in gaining access to the site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls on the market and it'll secure even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the regular logs generated by the Apache server, so you could later take a look at them and decide if you need to take extra measures in order to improve the security of your script-driven websites.
-
ModSecurity in Shared Hosting
ModSecurity is supplied with all
shared hosting web servers, so if you decide to host your sites with our business, they shall be resistant to a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You will be able to stop ModSecurity for any website if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view specific logs through your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the security of our customers' websites very seriously, we use a selection of commercial rules which we get from one of the best companies that maintain such rules. Our administrators also include custom rules to make sure that your sites shall be shielded from as many risks as possible.
-
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our
semi-dedicated server packages and if you decide to host your websites with our company, there won't be anything special you will have to do as the firewall is turned on by default for all domains and subdomains that you add using your hosting CP. If needed, you can disable ModSecurity for a given site or enable the so-called detection mode in which case the firewall will still operate and record info, but will not do anything to stop potential attacks on your Internet sites. Detailed logs will be readily available within your CP and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our administrators often add to respond to newly identified threats in a timely manner.
-
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based
VPS servers that we offer and it will be activated automatically for any new domain or subdomain that you add on the hosting server. This way, any web app which you install shall be protected right from the start without doing anything manually on your end. The firewall can be handled from the section of the Control Panel which bears the same name. This is the location whereyou'll be able to disable ModSecurity or enable its passive mode, so it won't take any action against threats, but will still keep a comprehensive log. The recorded data is available within the same section as well and you'll be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we use on our servers are a blend between commercial ones we get from a security organization and custom ones that are added by our administrators to enhance the protection of any web apps hosted on our end.
-
ModSecurity in Dedicated Servers
ModSecurity is included with all
dedicated servers that are set up with our Hepsia CP and you will not need to do anything specific on your end to employ it since it's turned on by default every time you add a new domain or subdomain on your web server. In case it disrupts some of your programs, you will be able to stop it via the respective section of Hepsia, or you may leave it in passive mode, so it will recognize attacks and shall still maintain a log for them, but won't prevent them. You could look at the logs later to determine what you can do to boost the protection of your sites as you shall find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, and so on. The rules which we use are commercial, hence they are regularly updated by a security company, but to be on the safe side, our admins also add custom rules from time to time in order to react to any new threats they have found.