Find out what ModSecurity actually is, how it works and just what it can do to guard your web sites and applications.
ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks toward script-driven websites by using security rules which contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and protect even Internet sites which aren't updated frequently. For instance, a number of failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the minute it detects them. The firewall is very efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an exceptionally detailed log of all attack attempts that includes more info than traditional Apache logs, so you can later analyze the data and take extra measures to boost the security of your Internet sites if required.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting
plans, so your web apps will be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you will discover in Hepsia are quite detailed and feature information about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We use a range of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
solutions that we offer feature ModSecurity and given that the firewall is enabled by default, any site which you create under a domain or a subdomain shall be protected right from the start. An individual section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it shall still detect possible attacks and will keep all information inside a log as if it were 100% active. The logs can be found inside the same section of the Control Panel and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules that we employ on our web servers are a mix between commercial ones from a security firm and custom ones developed by our system administrators. Therefore, we offer higher security for your web apps as we can defend them from attacks even before security companies release updates for completely new threats.
ModSecurity in VPS Servers
Protection is essential to us, so we set up ModSecurity on all VPS servers
which are set up with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you will not have to do anything manually. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of possible attacks which you can later study, but shall not stop them. The logs in both passive and active modes contain details about the type of the attack and how it was eliminated, what IP address it originated from and other useful info that could help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security enterprise, we also implement our own rules since every now and then we detect specific attacks that are not yet present within the commercial package. That way, we could enhance the protection of your Virtual private server in a timely manner rather than waiting for a certified update.
ModSecurity in Dedicated Servers
When you choose to host your Internet sites on a dedicated server
with the Hepsia Control Panel, your web apps shall be secured straight away because ModSecurity is supplied with all Hepsia-based solutions. You'll be able to regulate the firewall effortlessly and if necessary, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what's occurring without taking any action to stop potential attacks. The logs that you'll find within the very same section of the Control Panel are incredibly detailed and feature information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etc. This information shall enable you to take measures and boost the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators add whenever they detect attacks which haven't yet been included in the commercial pack.