Find out what ModSecurity actually is, how it operates and exactly what it does to defend your sites and web applications.
ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to prevent attacks against script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and protect even websites that aren't updated often. For example, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is incredibly efficient because it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally keeps an exceptionally detailed log of all attack attempts which features more info than standard Apache logs, so you can later analyze the data and take extra measures to boost the security of your websites if required.
ModSecurity in Website Hosting
ModSecurity is available on all website hosting
web servers, so if you choose to host your Internet sites with our firm, they'll be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You'll be able to stop ModSecurity for any site if needed, or to enable a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the security of our customers' Internet sites very seriously, we use a collection of commercial rules which we get from one of the best companies which maintain this kind of rules. Our administrators also add custom rules to make certain that your websites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Servers
Any web application which you install in your new semi-dedicated server
account will be protected by ModSecurity since the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not only can you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall shall not stop anything, but it will still maintain a record of potential attacks. This requires just a click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, and so on. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually in order to respond to recently discovered threats as fast as possible.
ModSecurity in VPS Servers
Security is very important to us, so we install ModSecurity on all VPS servers
which are provided with the Hepsia Control Panel as a standard. The firewall could be managed via a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you will not need to do anything by hand. You shall also be able to deactivate it or activate the so-called detection mode, so it will maintain a log of potential attacks that you can later examine, but will not prevent them. The logs in both passive and active modes offer details about the kind of the attack and how it was eliminated, what IP it originated from and other important info which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules because every now and then we detect specific attacks which are not yet present in the commercial package. That way, we can easily improve the protection of your VPS right away as opposed to awaiting a certified update.
ModSecurity in Dedicated Servers
When you opt to host your websites on a dedicated server
with the Hepsia Control Panel, your web apps will be protected right from the start because ModSecurity is available with all Hepsia-based plans. You will be able to regulate the firewall easily and if required, you shall be able to turn it off or activate its passive mode when it shall only keep a log of what is taking place without taking any action to prevent possible attacks. The logs that you can find within the exact same section of the Control Panel are extremely detailed and include information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This data will allow you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators include when they detect attacks that have not yet been included within the commercial pack.