ModSecurity
Find out what ModSecurity is, the way it works and what actually it does to guard your sites and web apps.
ModSecurity is an effective firewall for Apache web servers that is employed to stop attacks towards web apps. It tracks the HTTP traffic to a given site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a particular file that could result in getting access to the Internet site triggers a different rule, and so on. ModSecurity is amongst the best firewalls on the market and it'll preserve even scripts which aren't updated often since it can prevent attackers from employing known exploits and security holes. Quite detailed information about each and every intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs generated by the Apache server, so you could later examine them and determine whether you need to take additional measures so as to improve the protection of your script-driven websites.
-
ModSecurity in Website Hosting
ModSecurity is available with each and every
website hosting solution that we provide and it's turned on by default for every domain or subdomain which you add through your Hepsia CP. In the event that it interferes with any of your apps or you'd like to disable it for whatever reason, you will be able to accomplish that through the ModSecurity area of Hepsia with only a click. You may also activate a passive mode, so the firewall will recognize potential attacks and maintain a log, but won't take any action. You can view detailed logs in the exact same section, including the IP where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a group of commercial firewall rules combined with custom ones that are included by our system admins.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our
semi-dedicated hosting solutions and if you opt to host your Internet sites with our company, there shall not be anything special you will have to do since the firewall is turned on by default for all domains and subdomains you include through your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a given site or turn on the so-called detection mode in which case the firewall shall still work and record data, but shall not do anything to prevent possible attacks on your websites. Comprehensive logs will be available inside your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, etcetera. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones which our admins sometimes include to respond to newly found risks in a timely manner.
-
ModSecurity in VPS Web Hosting
Safety is very important to us, so we set up ModSecurity on all
virtual private servers which are set up with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or create a subdomain, so you will not need to do anything manually. You will also be able to deactivate it or switch on the so-called detection mode, so it will maintain a log of possible attacks that you can later analyze, but will not block them. The logs in both passive and active modes include details regarding the type of the attack and how it was eliminated, what IP it originated from and other valuable information which may help you to tighten the security of your sites by updating them or blocking IPs, for example. In addition to the commercial rules we get for ModSecurity from a third-party security enterprise, we also employ our own rules as from time to time we discover specific attacks which are not yet present inside the commercial package. This way, we can easily enhance the security of your VPS in a timely manner instead of waiting for a certified update.
-
ModSecurity in Dedicated Servers Hosting
ModSecurity comes with all
dedicated servers that are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to use it since it's enabled by default every time you add a new domain or subdomain on your hosting server. In case it disrupts some of your programs, you will be able to stop it via the respective part of Hepsia, or you may leave it operating in passive mode, so it'll recognize attacks and will still maintain a log for them, but will not stop them. You can look at the logs later to learn what you can do to enhance the security of your Internet sites since you will find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules we use are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our admins also add custom rules every now and then as to deal with any new threats they have identified.