ModSecurity
Learn what ModSecurity is really, what it does and just what it can do to protect your websites and applications.
ModSecurity is an efficient firewall for Apache web servers which is used to prevent attacks toward web applications. It keeps track of the HTTP traffic to a certain site in real time and prevents any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area without success a few times activates one rule, sending a request to execute a specific file that may result in accessing the site triggers a different rule, etcetera. ModSecurity is one of the best firewalls available and it'll secure even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite thorough info about each intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the regular logs generated by the Apache server, so you could later take a look at them and determine whether you need to take additional measures in order to boost the safety of your script-driven Internet sites.
-
ModSecurity in Cloud Hosting
We offer ModSecurity with all
cloud hosting solutions, so your Internet apps will be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover within Hepsia are very detailed and feature data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so on. We employ a set of commercial rules which are often updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our machines.
-
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our
semi-dedicated server packages and if you opt to host your sites with us, there shall not be anything special you will have to do since the firewall is activated by default for all domains and subdomains that you add using your hosting Control Panel. If needed, you could disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still operate and record information, but won't do anything to prevent potential attacks against your Internet sites. In depth logs will be accessible within your Control Panel and you'll be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so forth. We use 2 kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones which our admins sometimes add to respond to newly identified threats in a timely manner.
-
ModSecurity in VPS Servers
All
VPS servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the machine, so there won't be anything special that you shall have to do to protect your websites. It shall take you a click to stop ModSecurity if required or to activate its passive mode so that it records what occurs without taking any measures to prevent intrusions. You'll be able to see the logs produced in passive or active mode through the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to tackle it, and so forth. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity shall prevent as many risks as possible, consequently improving the protection of your web applications as much as possible.
-
ModSecurity in Dedicated Servers
ModSecurity is included with all
dedicated servers that are set up with our Hepsia CP and you'll not have to do anything specific on your end to use it as it's enabled by default every time you include a new domain or subdomain on your server. If it interferes with any of your programs, you'll be able to stop it via the respective section of Hepsia, or you may leave it working in passive mode, so it will detect attacks and shall still keep a log for them, but won't prevent them. You'll be able to analyze the logs later to find out what you can do to boost the safety of your websites as you'll find information such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity responded, and so on. The rules which we use are commercial, thus they're frequently updated by a security company, but to be on the safe side, our staff also add custom rules occasionally as to deal with any new threats they have discovered.