Discover what ModSecurity is, how it works and precisely what it does in order to protect your web sites and applications.
ModSecurity is an effective firewall for Apache web servers that's employed to prevent attacks against web applications. It tracks the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts the moment it detects them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script administrator area unsuccessfully several times triggers one rule, sending a request to execute a particular file which may result in accessing the site triggers another rule, etc. ModSecurity is amongst the best firewalls out there and it will protect even scripts that are not updated regularly because it can prevent attackers from using known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall maintains are far more specific than the regular logs created by the Apache server, so you could later analyze them and decide if you need to take additional measures so as to improve the safety of your script-driven Internet sites.
ModSecurity in Website Hosting
ModSecurity comes standard with all website hosting
packages which we supply and it shall be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you could activate and disable it with a click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites shall include detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and consist of both commercial ones which we get from a third-party security company and custom ones our system administrators include in the event that they detect a new sort of attacks. This way, the websites that you host here shall be much more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
solutions that we offer come with ModSecurity and because the firewall is turned on by default, any site you build under a domain or a subdomain shall be protected right away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any website or activate a detection mode. With the last option, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all information in a log as if it were 100% active. The logs could be found within the very same section of the CP and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we use on our machines are a mix between commercial ones from a security company and custom ones created by our system administrators. As a result, we offer increased security for your web applications as we can shield them from attacks before security businesses release updates for completely new threats.
ModSecurity in VPS Servers
Security is of the utmost importance to us, so we set up ModSecurity on all VPS servers
which are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is activated automatically when you add a new domain or create a subdomain, so you won't need to do anything personally. You will also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of potential attacks which you can later analyze, but shall not stop them. The logs in both passive and active modes include info regarding the type of the attack and how it was prevented, what IP address it originated from and other valuable data that may help you to tighten the security of your websites by updating them or blocking IPs, for example. On top of the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules since from time to time we identify specific attacks which aren't yet present in the commercial pack. That way, we could boost the protection of your Virtual private server in a timely manner instead of waiting for an official update.
ModSecurity in Dedicated Servers
All our dedicated servers
which are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application which you upload or set up shall be secured from the very beginning and you will not have to bother about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you shall discover in the logs shall help you to secure your sites better - the IP address an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you could see if a site needs an update, whether you ought to block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones as well every time they find a new threat which is not yet in the commercial bundle.