Discover what ModSecurity is, how it works and what exactly it does to protect your web sites and applications.
ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and when it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more detailed log for the website visitors than any web server does, so you'll manage to keep an eye on what's happening with your websites better than if you rely only on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes whether somebody is trying to log in to the administration area of a particular script several times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the software blocks the attempts immediately, after that records detailed info about them inside its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Shared Website Hosting
ModSecurity is offered with each and every shared website hosting
solution that we provide and it's activated by default for every domain or subdomain that you include through your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with merely a click. You can also activate a passive mode, so the firewall will recognize potential attacks and keep a log, but shall not take any action. You could view detailed logs in the very same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etc. For maximum safety of our customers we use a collection of commercial firewall rules combined with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
packages that we offer come with ModSecurity and since the firewall is turned on by default, any Internet site that you build under a domain or a subdomain will be secured right from the start. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any site or activate a detection mode. With the latter, ModSecurity will not take any action, but it'll still detect possible attacks and shall keep all info inside a log as if it were fully active. The logs could be found inside the exact same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we use on our servers are a mix of commercial ones from a security firm and custom ones made by our system admins. For that reason, we offer greater security for your web apps as we can protect them from attacks even before security firms release updates for completely new threats.
ModSecurity in VPS Hosting
Protection is vital to us, so we install ModSecurity on all virtual private servers
that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you won't have to do anything personally. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of possible attacks which you can later study, but will not prevent them. The logs in both passive and active modes contain info regarding the kind of the attack and how it was stopped, what IP it came from and other valuable info that might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules because occasionally we discover specific attacks that are not yet present within the commercial group. This way, we can increase the security of your VPS right away as opposed to awaiting a certified update.
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all dedicated servers
that are set up with our Hepsia CP and you will not have to do anything specific on your end to employ it since it is turned on by default every time you include a new domain or subdomain on your hosting server. If it disrupts some of your apps, you shall be able to stop it through the respective part of Hepsia, or you could leave it in passive mode, so it'll identify attacks and will still keep a log for them, but will not prevent them. You can examine the logs later to determine what you can do to enhance the safety of your Internet sites since you will find details such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules we use are commercial, hence they're regularly updated by a security company, but to be on the safe side, our administrators also add custom rules occasionally as to deal with any new threats they have identified.