ModSecurity
Find out what ModSecurity is, how it operates and precisely what it will do to shield your sites and applications.
ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to stop attacks towards script-driven websites by using security rules which contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and protect even websites that are not updated frequently. For example, numerous failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger particular rules, so ModSecurity will block out these activities the instant it identifies them. The firewall is very efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It additionally keeps a very comprehensive log of all attack attempts that contains more info than standard Apache logs, so you can later analyze the data and take extra measures to improve the security of your websites if needed.
-
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all
cloud website hosting plans, so your Internet applications will be protected against malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it through the respective section of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you shall discover within Hepsia are extremely detailed and feature info about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etcetera. We employ a set of commercial rules that are frequently updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our servers.
-
ModSecurity in Semi-dedicated Servers
Any web app which you set up in your new
semi-dedicated server account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is activated by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you can also enable a passive mode, so the firewall shall not block anything, but it will still maintain an archive of possible attacks. This takes simply a mouse click and you shall be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall uses 2 groups of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one that our admins update manually as to respond to newly discovered risks as quickly as possible.
-
ModSecurity in VPS Servers
All
VPS servers which are set up with the Hepsia Control Panel feature ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the machine, so there won't be anything special which you shall have to do to protect your websites. It will take you just a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any actions to prevent intrusions. You shall be able to see the logs created in active or passive mode from the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall employed to handle it, and so forth. We employ a combination of commercial and custom rules in order to make certain that ModSecurity will prevent as many risks as possible, hence improving the security of your web apps as much as possible.
-
ModSecurity in Dedicated Servers
ModSecurity is provided with all
dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to use it as it's activated by default every time you add a new domain or subdomain on your server. In case it disrupts some of your apps, you'll be able to stop it through the respective section of Hepsia, or you could leave it operating in passive mode, so it'll recognize attacks and shall still keep a log for them, but shall not prevent them. You may look at the logs later to find out what you can do to improve the safety of your sites as you shall find details such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity responded, and so forth. The rules that we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our staff also include custom rules every now and then in order to react to any new threats they have found.