Learn what ModSecurity is, how it works and just what it does in order to protect your web sites and applications.
ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks towards web applications. It tracks the HTTP traffic to a certain site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script administration area without success many times activates one rule, sending a request to execute a particular file which could result in getting access to the website triggers another rule, and so on. ModSecurity is one of the best firewalls around and it will secure even scripts which are not updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the conventional logs provided by the Apache server, so you can later examine them and determine whether you need to take additional measures so as to enhance the security of your script-driven sites.
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all cloud website hosting
plans, so your Internet applications will be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you will be able to stop it using the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you shall discover in Hepsia are very detailed and offer information about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so on. We employ a group of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web application which you install inside your new semi-dedicated server
account will be protected by ModSecurity since the firewall is included with all our hosting plans and is turned on by default for any domain and subdomain that you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall shall not block anything, but it'll still keep an archive of possible attacks. This requires just a click and you will be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs two groups of rules on our machines - a commercial one which we get from a third-party web security provider and a custom one which our admins update manually as to respond to newly discovered threats at the earliest opportunity.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers
we offer and it will be activated automatically for any new domain or subdomain that you add on the hosting server. In this way, any web app which you install shall be protected right from the start without doing anything personally on your end. The firewall may be managed via the section of the CP that has the same name. This is the area in whichyou could disable ModSecurity or enable its passive mode, so it will not take any action against threats, but will still maintain a detailed log. The recorded data is available within the same area as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we employ on our servers are a combination between commercial ones we obtain from a security firm and custom ones which are included by our administrators to maximize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers
which are set up with the Hepsia hosting CP include ModSecurity, so any application that you upload or install will be secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily help you to secure your Internet sites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this information, you'll be able to see whether a website needs an update, whether you ought to block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too whenever they come across a new threat that is not yet a part of the commercial bundle.