ModSecurity
Discover what ModSecurity is really, the way it works and just what exactly it does to protect your websites and web applications.
ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and in case it discovers an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the site visitors than any web server does, so you shall manage to monitor what is happening with your Internet sites better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies if someone is trying to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall blocks the attempts in real time, after that records detailed info about them in its logs. ModSecurity is among the very best software firewalls available and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
-
ModSecurity in Website Hosting
ModSecurity can be found with each and every
website hosting plan that we offer and it is turned on by default for any domain or subdomain which you include via your Hepsia CP. If it disrupts any of your applications or you'd like to disable it for whatever reason, you'll be able to do that through the ModSecurity area of Hepsia with just a mouse click. You could also use a passive mode, so the firewall will detect possible attacks and maintain a log, but will not take any action. You'll be able to view comprehensive logs in the very same section, including the IP where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum protection of our customers we use a set of commercial firewall rules blended with custom ones which are provided by our system admins.
-
ModSecurity in Semi-dedicated Servers
All
semi-dedicated server plans that we offer come with ModSecurity and because the firewall is turned on by default, any site which you set up under a domain or a subdomain shall be secured straight away. A separate section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to stop and start the firewall for any website or switch on a detection mode. With the last option, ModSecurity will not take any action, but it shall still detect possible attacks and shall keep all data in a log as if it were completely active. The logs can be found within the very same section of the Control Panel and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we use on our servers are a mix of commercial ones from a security business and custom ones developed by our system administrators. Consequently, we provide greater security for your web programs as we can defend them from attacks before security corporations release updates for brand new threats.
-
ModSecurity in VPS Servers
Protection is essential to us, so we set up ModSecurity on all
VPS servers that are set up with the Hepsia Control Panel by default. The firewall could be managed via a dedicated section within Hepsia and is activated automatically when you include a new domain or create a subdomain, so you'll not have to do anything by hand. You'll also be able to disable it or activate the so-called detection mode, so it'll maintain a log of potential attacks which you can later analyze, but shall not stop them. The logs in both passive and active modes include info regarding the kind of the attack and how it was prevented, what IP address it originated from and other important information which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Beyond the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules since once in a while we identify specific attacks that aren't yet present in the commercial group. That way, we can boost the security of your VPS promptly as opposed to awaiting a certified update.
-
ModSecurity in Dedicated Servers
ModSecurity is offered by default with all
dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web app doesn't function properly, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which could happen, but shall not take any action to prevent it. The logs produced in active or passive mode will offer you additional details about the exact file that was attacked, the type of the attack and the IP address it originated from, etc. This information shall enable you to choose what measures you can take to increase the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial bundle from a third-party security firm we work with, but sometimes our administrators include their own rules as well in case they identify a new potential threat.