Learn what ModSecurity is, how it works and just what it does so as to protect your Internet sites and applications.
ModSecurity is an effective firewall for Apache web servers which is employed to prevent attacks against web applications. It keeps track of the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to accomplish that - for example, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a specific file that could result in gaining access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls available on the market and it'll preserve even scripts that are not updated regularly since it can prevent attackers from using known exploits and security holes. Quite comprehensive data about every intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the standard logs generated by the Apache server, so you could later take a look at them and determine if you need to take additional measures in order to boost the protection of your script-driven Internet sites.
ModSecurity in Hosting
ModSecurity is supplied with all hosting
machines, so if you choose to host your sites with our company, they'll be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you will need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs through your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the protection of our customers' sites seriously, we use a selection of commercial rules that we get from one of the leading companies which maintain this kind of rules. Our admins also add custom rules to make certain that your sites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
solutions that we offer come with ModSecurity and given that the firewall is enabled by default, any Internet site you build under a domain or a subdomain will be protected right away. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all info in a log as if it were 100% active. The logs could be found within the exact same section of the Control Panel and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules that we employ on our machines are a mix of commercial ones from a security company and custom ones made by our system administrators. Therefore, we provide higher security for your web programs as we can protect them from attacks before security businesses release updates for brand new threats.
ModSecurity in VPS Hosting
All virtual private servers
which are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there shall not be anything special that you will have to do to protect your Internet sites. It will take you just a click to stop ModSecurity if needed or to activate its passive mode so that it records what goes on without taking any steps to stop intrusions. You'll be able to view the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to deal with it, etcetera. We employ a mixture of commercial and custom rules in order to make certain that ModSecurity shall block as many risks as possible, consequently improving the protection of your web applications as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers
that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In the event that a web app doesn't work correctly, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any potential attack which may occur, but shall not take any action to stop it. The logs produced in passive or active mode will provide you with more details about the exact file which was attacked, the type of the attack and the IP address it originated from, etc. This information shall allow you to decide what steps you can take to enhance the security of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated often with a commercial bundle from a third-party security firm we work with, but sometimes our staff include their own rules too if they identify a new potential threat.