ModSecurity
Find out what ModSecurity is, how it functions and precisely what it does so as to protect your sites and apps.
ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to stop attacks towards script-driven websites by employing security rules which contain specific expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even Internet sites that are not updated frequently. For instance, a number of failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall stop these activities the moment it identifies them. The firewall is quite efficient since it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally keeps an incredibly thorough log of all attack attempts that includes more info than standard Apache logs, so you could later analyze the data and take additional measures to enhance the security of your Internet sites if needed.
-
ModSecurity in Cloud Website Hosting
ModSecurity is offered with every single
cloud website hosting plan which we provide and it is activated by default for any domain or subdomain which you include via your Hepsia Control Panel. In the event that it disrupts any of your programs or you'd like to disable it for some reason, you shall be able to do this through the ModSecurity section of Hepsia with just a click. You may also use a passive mode, so the firewall will recognize potential attacks and maintain a log, but will not take any action. You could see detailed logs in the very same section, including the IP address where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum security of our customers we use a set of commercial firewall rules combined with custom ones that are included by our system admins.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our
semi-dedicated hosting packages and if you opt to host your Internet sites with us, there will not be anything special you will have to do given that the firewall is activated by default for all domains and subdomains you add through your hosting Control Panel. If needed, you could disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall shall still function and record info, but won't do anything to prevent potential attacks against your websites. In depth logs shall be available in your Control Panel and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We use 2 sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones which our administrators occasionally add to respond to newly identified risks in a timely manner.
-
ModSecurity in VPS
ModSecurity is pre-installed on all
virtual private servers that are provided with the Hepsia hosting CP, so your web apps shall be secured from the second your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a mouse click through the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the very same section and provide info about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not just commercial rules from a firm operating in the field of web security, but also custom ones which our administrators include manually so as to react to new risks which are still not addressed in the commercial rules.
-
ModSecurity in Dedicated Hosting
All of our
dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program you upload or set up shall be protected from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you'll see in the logs shall enable you to to secure your websites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you'll be able to see whether an Internet site needs an update, whether you need to block IPs from accessing your hosting server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too if they discover a new threat that's not yet included in the commercial bundle.