Find out what ModSecurity is in fact, how it operates and just what it can do to defend your web sites and web apps.
ModSecurity is an effective firewall for Apache web servers which is employed to stop attacks against web apps. It keeps track of the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - for instance, attempting to log in to a script admin area without success several times triggers one rule, sending a request to execute a certain file that may result in getting access to the site triggers a different rule, etc. ModSecurity is amongst the best firewalls around and it'll protect even scripts which are not updated often since it can prevent attackers from using known exploits and security holes. Incredibly detailed info about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs created by the Apache server, so you can later analyze them and decide whether you need to take extra measures so as to increase the security of your script-driven sites.
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all shared web hosting
packages which we provide and it'll be activated automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for any of your sites shall contain detailed info including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are regularly updated and include both commercial ones that we get from a third-party security firm and custom ones our system administrators include in the event that they detect a new kind of attacks. In this way, the Internet sites you host here shall be a lot more secure without any action required on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
packages which we offer feature ModSecurity and given that the firewall is switched on by default, any Internet site you create under a domain or a subdomain shall be secured right from the start. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to start and stop the firewall for any site or switch on a detection mode. With the latter, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all information inside a log as if it were completely active. The logs could be found in the same section of the Control Panel and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules which we employ on our machines are a mix between commercial ones from a security firm and custom ones developed by our system administrators. As a result, we offer higher security for your web applications as we can protect them from attacks even before security corporations release updates for completely new threats.
ModSecurity in VPS
Security is of the utmost importance to us, so we set up ModSecurity on all virtual private servers
which are set up with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you will not need to do anything by hand. You will also be able to disable it or switch on the so-called detection mode, so it'll keep a log of potential attacks which you can later study, but shall not prevent them. The logs in both passive and active modes offer information regarding the type of the attack and how it was stopped, what IP address it came from and other valuable data which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Beyond the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules as from time to time we detect specific attacks that aren't yet present in the commercial package. That way, we can enhance the protection of your VPS immediately rather than waiting for an official update.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers
that are integrated with our Hepsia Control Panel and you will not have to do anything specific on your end to employ it since it is enabled by default whenever you add a new domain or subdomain on your hosting server. In the event that it disrupts some of your apps, you will be able to stop it via the respective section of Hepsia, or you could leave it working in passive mode, so it will detect attacks and shall still maintain a log for them, but will not stop them. You can examine the logs later to determine what you can do to boost the safety of your sites since you will find information such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity responded, etc. The rules which we employ are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our staff also add custom rules every now and then as to react to any new threats they have identified.