Find out what ModSecurity is, how it works and precisely what it does to protect your sites and apps.
ModSecurity is a highly effective firewall for Apache web servers that is employed to stop attacks against web apps. It tracks the HTTP traffic to a certain website in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administrator area without success a few times activates one rule, sending a request to execute a certain file that could result in getting access to the website triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it'll secure even scripts that are not updated often as it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive data about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the conventional logs generated by the Apache server, so you could later examine them and determine whether you need to take additional measures so as to boost the protection of your script-driven websites.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting
packages, so your web applications will be resistant to malicious attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective area of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall discover inside Hepsia are quite detailed and feature data about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etc. We employ a set of commercial rules which are frequently updated, but sometimes our admins add custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
Any web app you install inside your new semi-dedicated hosting
account will be protected by ModSecurity as the firewall is included with all our hosting packages and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area in Hepsia where not simply can you activate or deactivate it completely, but you can also activate a passive mode, so the firewall will not stop anything, but it shall still maintain a record of possible attacks. This takes just a click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall employs 2 groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our administrators update personally as to respond to recently discovered risks as quickly as possible.
ModSecurity in VPS
ModSecurity comes with all Hepsia-based virtual private servers
which we offer and it will be turned on automatically for any new domain or subdomain that you include on the machine. This way, any web application which you install will be protected right from the start without doing anything by hand on your end. The firewall can be managed via the section of the CP which has the same name. This is the location whereyou'll be able to disable ModSecurity or activate its passive mode, so it will not take any action against threats, but shall still maintain a thorough log. The recorded data is available inside the same area as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a blend between commercial ones that we obtain from a security firm and custom ones that are added by our admins to improve the protection of any web applications hosted on our end.
ModSecurity in Dedicated Hosting
ModSecurity comes with all dedicated servers
which are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it is enabled by default each time you include a new domain or subdomain on your hosting server. In the event that it disrupts some of your apps, you will be able to stop it via the respective section of Hepsia, or you may leave it working in passive mode, so it shall recognize attacks and shall still keep a log for them, but shall not prevent them. You'll be able to analyze the logs later to find out what you can do to boost the security of your websites as you'll find info such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, etc. The rules we use are commercial, therefore they are frequently updated by a security firm, but to be on the safe side, our administrators also add custom rules from time to time as to react to any new threats they have found.