Discover what ModSecurity is, how it works and what exactly it does in order to protect your websites and applications.
ModSecurity is an efficient firewall for Apache web servers that's used to prevent attacks toward web apps. It tracks the HTTP traffic to a given site in real time and prevents any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area unsuccessfully many times activates one rule, sending a request to execute a specific file that could result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is among the best firewalls available and it'll protect even scripts that aren't updated regularly as it can prevent attackers from employing known exploits and security holes. Very detailed info about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the conventional logs provided by the Apache server, so you could later examine them and determine if you need to take extra measures in order to increase the security of your script-driven Internet sites.
ModSecurity in Shared Hosting
ModSecurity is provided with all shared hosting
servers, so if you opt to host your Internet sites with our business, they'll be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any site if necessary, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You will be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the security of our clients' sites seriously, we use a set of commercial rules which we get from one of the best firms that maintain such rules. Our admins also include custom rules to ensure that your Internet sites will be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web program you set up within your new semi-dedicated server
account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain which you add or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it completely, but you can also activate a passive mode, so the firewall won't block anything, but it shall still keep an archive of possible attacks. This takes simply a click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall uses two groups of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally as to respond to recently discovered risks as soon as possible.
ModSecurity in VPS Servers
All VPS servers
that are offered with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the machine, so there won't be anything special that you'll have to do to protect your sites. It will take you only a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You will be able to look at the logs produced in active or passive mode via the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to take care of it, etc. We employ a mixture of commercial and custom rules in order to make sure that ModSecurity will stop as many risks as possible, therefore boosting the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
If you choose to host your websites on a dedicated server
with the Hepsia CP, your web programs will be secured right away as ModSecurity is supplied with all Hepsia-based packages. You shall be able to control the firewall easily and if needed, you'll be able to turn it off or switch on its passive mode when it'll only keep a log of what is occurring without taking any action to prevent potential attacks. The logs which you'll find within the exact same section of the Control Panel are really detailed and include data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This data will allow you to take measures and boost the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins include every time they identify attacks that have not yet been included inside the commercial pack.