ModSecurity
Find out what ModSecurity is, how it works and exactly what it will do to guard your web sites and applications.
ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to prevent attacks towards script-driven sites by using security rules which contain particular expressions. That way, the firewall can stop hacking and spamming attempts and preserve even sites which are not updated regularly. For instance, several failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity will block these activities the minute it identifies them. The firewall is extremely efficient as it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore maintains a very detailed log of all attack attempts that contains more info than typical Apache logs, so you can later examine the data and take further measures to increase the security of your websites if necessary.
-
ModSecurity in Cloud Web Hosting
ModSecurity is supplied with all
cloud web hosting servers, so if you decide to host your sites with our business, they'll be shielded from an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs from your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the safety of our clients' sites very seriously, we employ a group of commercial rules which we get from one of the leading companies that maintain this kind of rules. Our admins also include custom rules to make certain that your Internet sites shall be resistant to as many risks as possible.
-
ModSecurity in Semi-dedicated Hosting
Any web app you install inside your new
semi-dedicated hosting account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated section in Hepsia where not simply can you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall will not stop anything, but it shall still maintain an archive of possible attacks. This requires simply a mouse click and you'll be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etc. The firewall uses 2 sets of rules on our machines - a commercial one which we get from a third-party web security company and a custom one which our admins update personally as to respond to recently discovered risks at the earliest opportunity.
-
ModSecurity in VPS Hosting
ModSecurity is provided with all Hepsia-based
virtual private servers that we offer and it'll be activated automatically for any new domain or subdomain you include on the web server. This way, any web application which you install shall be secured right away without doing anything personally on your end. The firewall could be handled via the section of the CP which bears the same name. This is the place in whichyou'll be able to turn off ModSecurity or let its passive mode, so it will not take any action towards threats, but will still maintain a detailed log. The recorded data is available within the same section as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a combination between commercial ones which we obtain from a security company and custom ones that are included by our admins to maximize the protection of any web applications hosted on our end.
-
ModSecurity in Dedicated Web Hosting
ModSecurity is provided by default with all
dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. Just in case that a web application does not function properly, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which could take place, but will not take any action to prevent it. The logs generated in active or passive mode shall present you with more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so forth. This information shall permit you to determine what measures you can take to boost the security of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial bundle from a third-party security firm we work with, but sometimes our administrators include their own rules also if they come across a new potential threat.