ModSecurity
Discover what ModSecurity is in fact, how it works and what precisely it can do to guard your sites and apps.
ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and if it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more thorough log for the traffic than any server does, so you will be able to keep track of what is happening with your Internet sites better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it recognizes if anyone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, then records comprehensive details about them in its logs. ModSecurity is among the best software firewalls out there and it can protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.
-
ModSecurity in Shared Website Hosting
ModSecurity is available on all
shared website hosting servers, so if you opt to host your sites with our organization, they shall be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs using your Hepsia CP including the IP where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the safety of our clients' sites very seriously, we use a selection of commercial rules which we get from one of the leading firms that maintain such rules. Our administrators also add custom rules to ensure that your sites will be shielded from as many threats as possible.
-
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity by default within all
semi-dedicated server packages, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any website with a mouse click. You'll also have the ability to turn on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack caused, where it originated from, and so on. The list of rules which we employ is constantly updated as to match any new threats that may appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our admins add in the event that they find a threat that's not present within the commercial list yet.
-
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based
VPS servers which we offer and it will be activated automatically for any new domain or subdomain you add on the server. This way, any web application that you install will be protected right away without doing anything by hand on your end. The firewall could be managed from the section of the Control Panel that has the same name. This is the place in whichyou'll be able to turn off ModSecurity or enable its passive mode, so it will not take any action against threats, but shall still keep a thorough log. The recorded information is available inside the same section as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we employ on our servers are a mix between commercial ones we get from a security company and custom ones that are included by our staff to maximize the security of any web apps hosted on our end.
-
ModSecurity in Dedicated Servers
If you opt to host your Internet sites on a
dedicated server with the Hepsia Control Panel, your web programs will be secured right away since ModSecurity is provided with all Hepsia-based solutions. You shall be able to manage the firewall without difficulty and if required, you'll be able to turn it off or switch on its passive mode when it shall only maintain a log of what's happening without taking any action to prevent potential attacks. The logs which you can find inside the very same section of the Control Panel are very detailed and contain details about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so on. This information shall allow you to take measures and enhance the security of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our staff include when they recognize attacks which have not yet been included inside the commercial pack.