Find out what ModSecurity is, how it works and precisely what it does so as to protect your Internet sites and apps.
ModSecurity is an efficient firewall for Apache web servers which is used to stop attacks towards web applications. It keeps track of the HTTP traffic to a given site in real time and stops any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to accomplish that - as an example, trying to log in to a script administration area without success many times activates one rule, sending a request to execute a certain file which may result in gaining access to the website triggers another rule, and so forth. ModSecurity is amongst the best firewalls around and it will protect even scripts which aren't updated regularly as it can prevent attackers from using known exploits and security holes. Very thorough data about each intrusion attempt is recorded and the logs the firewall keeps are far more specific than the regular logs created by the Apache server, so you can later analyze them and decide whether you need to take extra measures in order to improve the safety of your script-driven websites.
ModSecurity in Shared Website Hosting
ModSecurity is available with every shared website hosting
package which we provide and it is switched on by default for any domain or subdomain that you add via your Hepsia CP. In the event that it disrupts any of your apps or you'd like to disable it for some reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with merely a mouse click. You may also activate a passive mode, so the firewall will identify potential attacks and keep a log, but won't take any action. You'll be able to view detailed logs in the same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum protection of our customers we use a group of commercial firewall rules combined with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity as a standard inside all semi-dedicated server
products, so your web apps shall be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to enable or turn off the firewall for any website with a mouse click. You will also have the ability to turn on a passive detection mode with which ModSecurity shall keep a log of possible attacks without really preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules which we employ is constantly updated in order to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security corporation and custom-written ones that our administrators add if they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers
we offer and it'll be activated automatically for every new domain or subdomain which you include on the hosting server. In this way, any web app that you install will be protected immediately without doing anything by hand on your end. The firewall may be managed through the section of the CP that has the same name. This is the area in whichyou could turn off ModSecurity or enable its passive mode, so it won't take any action toward threats, but will still maintain a detailed log. The recorded information is available in the same section as well and you will be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we employ on our servers are a blend between commercial ones we get from a security organization and custom ones that are added by our admins to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
When you choose to host your Internet sites on a dedicated server
with the Hepsia Control Panel, your web apps shall be secured straight away as ModSecurity is supplied with all Hepsia-based plans. You will be able to control the firewall without difficulty and if needed, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what's happening without taking any action to stop potential attacks. The logs which you will find within the very same section of the CP are very detailed and feature information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etcetera. This data will enable you to take measures and increase the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators include when they detect attacks which have not yet been included inside the commercial pack.