Discover what ModSecurity is, the way it works and what actually it will do to protect your web sites and apps.
ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks toward script-driven Internet sites through the use of security rules that contain certain expressions. This way, the firewall can stop hacking and spamming attempts and shield even sites which are not updated on a regular basis. As an example, several unsuccessful login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger certain rules, so ModSecurity will stop these activities the instant it identifies them. The firewall is incredibly efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore keeps an incredibly thorough log of all attack attempts which contains more information than traditional Apache logs, so you can later analyze the data and take extra measures to enhance the security of your sites if necessary.
ModSecurity in Web Hosting
We offer ModSecurity with all web hosting
plans, so your Internet apps shall be protected against harmful attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you'll be able to stop it via the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you shall find inside Hepsia are extremely detailed and offer data about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so on. We use a set of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity as a standard inside all semi-dedicated server
packages, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to activate or disable the firewall for any Internet site with a click. You shall also have the ability to turn on a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack initiated, where it came from, etcetera. The list of rules we use is frequently updated in order to match any new risks that might appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones that our admins add in the event that they find a threat which is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers
which are provided with the Hepsia Control Panel feature ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the web server, so there shall not be anything special which you shall have to do to protect your websites. It shall take you only a click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any steps to prevent intrusions. You'll be able to see the logs generated in active or passive mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to tackle it, etc. We use a combination of commercial and custom rules so as to make certain that ModSecurity will block out as many risks as possible, consequently enhancing the protection of your web programs as much as possible.
ModSecurity in Dedicated Servers
All of our dedicated servers
that are installed with the Hepsia hosting CP feature ModSecurity, so any program which you upload or install will be properly secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will discover in the logs can enable you to to secure your sites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this info, you can see whether an Internet site needs an update, if you should block IPs from accessing your web server, and so forth. On top of the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too whenever they come across a new threat that's not yet included in the commercial bundle.