Learn what ModSecurity is, the way it works and just what exactly it can do to defend your websites and applications.
ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks against script-driven Internet sites through the use of security rules which contain specific expressions. This way, the firewall can prevent hacking and spamming attempts and shield even Internet sites that aren't updated on a regular basis. For example, multiple failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block these activities the instant it detects them. The firewall is incredibly efficient because it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore maintains an incredibly detailed log of all attack attempts which includes more information than conventional Apache logs, so you can later analyze the data and take extra measures to increase the security of your sites if needed.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting
solutions, so your web applications shall be resistant to destructive attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll find inside Hepsia are very detailed and include info about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, and so forth. We employ a range of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
packages that we offer include ModSecurity and since the firewall is switched on by default, any site you build under a domain or a subdomain shall be secured right away. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it will still detect possible attacks and shall keep all data inside a log as if it were fully active. The logs can be found inside the very same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules that we use on our web servers are a mix between commercial ones from a security business and custom ones created by our system admins. As a result, we provide higher security for your web applications as we can shield them from attacks even before security firms release updates for completely new threats.
ModSecurity in VPS Servers
Security is vital to us, so we install ModSecurity on all VPS servers
which are provided with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section inside Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything manually. You'll also be able to deactivate it or activate the so-called detection mode, so it shall keep a log of potential attacks which you can later study, but will not block them. The logs in both passive and active modes include information about the type of the attack and how it was eliminated, what IP it came from and other valuable information that may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules we get for ModSecurity from a third-party security company, we also implement our own rules because once in a while we find specific attacks which are not yet present within the commercial package. This way, we could boost the protection of your VPS in a timely manner rather than awaiting a certified update.
ModSecurity in Dedicated Servers
When you choose to host your websites on a dedicated server
with the Hepsia CP, your web applications shall be protected immediately because ModSecurity is supplied with all Hepsia-based packages. You shall be able to manage the firewall easily and if required, you will be able to turn it off or enable its passive mode when it will only keep a log of what's going on without taking any action to prevent possible attacks. The logs which you'll find within the same section of the CP are extremely detailed and include information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, etcetera. This data will permit you to take measures and boost the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff include whenever they recognize attacks that have not yet been included within the commercial pack.