Learn what ModSecurity is, how it works and precisely what it does to protect your Internet sites and apps.
ModSecurity is an efficient firewall for Apache web servers that is used to stop attacks against web apps. It tracks the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do this - as an illustration, trying to log in to a script admin area without success several times activates one rule, sending a request to execute a certain file that could result in accessing the Internet site triggers a different rule, and so on. ModSecurity is one of the best firewalls out there and it will protect even scripts which are not updated frequently as it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive information about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the regular logs generated by the Apache server, so you may later analyze them and decide if you need to take extra measures in order to boost the safety of your script-driven websites.
ModSecurity in Website Hosting
ModSecurity is available on all website hosting
machines, so when you decide to host your websites with our business, they shall be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs through your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the security of our clients' sites seriously, we employ a collection of commercial rules which we take from one of the top firms that maintain such rules. Our admins also include custom rules to ensure that your Internet sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
solutions and if you decide to host your Internet sites with our company, there will not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains which you add using your hosting CP. If needed, you'll be able to disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still operate and record info, but shall not do anything to prevent potential attacks against your sites. Detailed logs will be accessible within your Control Panel and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so on. We use two types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones that our administrators sometimes add to respond to newly discovered threats on time.
ModSecurity in VPS Servers
All VPS servers
that are set up with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the server, so there won't be anything special that you shall have to do to protect your sites. It'll take you simply a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what happens without taking any actions to prevent intrusions. You'll be able to look at the logs created in active or passive mode via the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to handle it, and so on. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity will block out as many threats as possible, therefore improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers
All of our dedicated servers
that are set up with the Hepsia hosting CP include ModSecurity, so any app which you upload or set up shall be secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll see in the logs shall allow you to to secure your Internet sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this info, you could see whether a site needs an update, whether you ought to block IPs from accessing your hosting server, etc. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well if they find a new threat that is not yet in the commercial bundle.