ModSecurity
Discover what ModSecurity actually is, how it works and exactly what it can do to defend your websites and web apps.
ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks against web apps. It monitors the HTTP traffic to a certain site in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script admin area unsuccessfully several times triggers one rule, sending a request to execute a particular file which could result in accessing the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls available and it will secure even scripts which are not updated often since it can prevent attackers from using known exploits and security holes. Incredibly detailed data about every single intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs provided by the Apache server, so you can later analyze them and determine if you need to take extra measures in order to enhance the safety of your script-driven Internet sites.
-
ModSecurity in Shared Hosting
ModSecurity comes standard with all
shared hosting plans that we offer and it'll be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites shall feature comprehensive information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are constantly updated and consist of both commercial ones that we get from a third-party security firm and custom ones which our system administrators add in case that they detect a new type of attacks. This way, the Internet sites which you host here will be much more secure without any action needed on your end.
-
ModSecurity in Semi-dedicated Hosting
All
semi-dedicated hosting plans which we offer feature ModSecurity and since the firewall is enabled by default, any site which you set up under a domain or a subdomain shall be protected right away. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all information within a log as if it were completely active. The logs could be found inside the very same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules that we use on our web servers are a mix of commercial ones from a security company and custom ones created by our system admins. Consequently, we provide greater security for your web applications as we can shield them from attacks even before security businesses release updates for brand new threats.
-
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all
virtual private servers that are provided with the Hepsia hosting CP, so your web programs will be protected from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a mouse click through the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found within the same section and provide details about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For optimum security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones that our admins add manually so as to react to new threats that are still not addressed in the commercial rules.
-
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all
dedicated servers which are integrated with our Hepsia Control Panel and you will not have to do anything specific on your end to use it as it is switched on by default every time you add a new domain or subdomain on your hosting server. In case it disrupts some of your programs, you'll be able to stop it via the respective section of Hepsia, or you may leave it working in passive mode, so it will identify attacks and shall still keep a log for them, but won't prevent them. You may examine the logs later to find out what you can do to boost the protection of your Internet sites as you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules which we use are commercial, thus they're regularly updated by a security company, but to be on the safe side, our admins also add custom rules occasionally in order to respond to any new threats they have discovered.