Find out what ModSecurity is, how it operates and just what it will do to protect your web sites and apps.
ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks towards script-driven websites through the use of security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated often. As an example, a number of failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the minute it detects them. The firewall is incredibly efficient as it screens the entire HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally maintains a very thorough log of all attack attempts which contains more info than typical Apache logs, so you can later check out the data and take extra measures to increase the security of your Internet sites if needed.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting
solutions that we offer and it shall be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with just a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your websites will contain elaborate information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are frequently updated and comprise of both commercial ones we get from a third-party security business and custom ones our system administrators include in case that they detect a new type of attacks. In this way, the Internet sites which you host here will be a lot more protected with no action expected on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
solutions which we offer feature ModSecurity and given that the firewall is enabled by default, any site which you create under a domain or a subdomain shall be secured straight away. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to stop and start the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity won't take any action, but it'll still detect possible attacks and will keep all info in a log as if it were fully active. The logs can be found inside the very same section of the CP and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules which we employ on our machines are a mix of commercial ones from a security business and custom ones made by our system admins. As a result, we provide greater security for your web applications as we can defend them from attacks before security businesses release updates for new threats.
ModSecurity in VPS Servers
Protection is essential to us, so we install ModSecurity on all VPS servers
which are set up with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not have to do anything by hand. You'll also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of possible attacks you can later examine, but will not prevent them. The logs in both passive and active modes include information about the form of the attack and how it was stopped, what IP it originated from and other important info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules as every now and then we discover specific attacks that are not yet present in the commercial pack. This way, we could increase the security of your Virtual private server instantly as opposed to waiting for a certified update.
ModSecurity in Dedicated Servers
All of our dedicated servers
that are set up with the Hepsia hosting Control Panel include ModSecurity, so any app you upload or install shall be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll find in the logs can allow you to to secure your Internet sites better - the IP address an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this info, you'll be able to see whether an Internet site needs an update, if you need to block IPs from accessing your web server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well if they come across a new threat which is not yet included in the commercial bundle.