Learn what ModSecurity is in fact, how it operates and what precisely it can do to shield your sites and web applications.
ModSecurity is an effective firewall for Apache web servers that's used to stop attacks towards web apps. It monitors the HTTP traffic to a particular site in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administration area unsuccessfully many times activates one rule, sending a request to execute a particular file which could result in getting access to the site triggers a different rule, and so forth. ModSecurity is one of the best firewalls available and it'll preserve even scripts that aren't updated often since it can prevent attackers from employing known exploits and security holes. Quite detailed info about every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the regular logs created by the Apache server, so you could later analyze them and determine if you need to take more measures so as to enhance the security of your script-driven Internet sites.
ModSecurity in Shared Website Hosting
We offer ModSecurity with all shared website hosting
solutions, so your Internet apps will be shielded from destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you will find within Hepsia are very detailed and feature info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We use a group of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
packages which we offer include ModSecurity and because the firewall is switched on by default, any website which you create under a domain or a subdomain shall be secured right away. An independent section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it'll still recognize possible attacks and will keep all data inside a log as if it were completely active. The logs can be found inside the very same section of the Control Panel and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules we employ on our servers are a mix between commercial ones from a security company and custom ones developed by our system administrators. Consequently, we provide increased security for your web applications as we can defend them from attacks before security firms release updates for new threats.
ModSecurity in Dedicated Hosting
ModSecurity is offered by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the server. In the event that a web application doesn't function adequately, you could either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any potential attack which might take place, but won't take any action to prevent it. The logs generated in passive or active mode will present you with additional details about the exact file which was attacked, the nature of the attack and the IP it came from, etc. This data shall permit you to choose what actions you can take to boost the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security enterprise we work with, but occasionally our staff include their own rules as well in the event that they find a new potential threat.