Discover what ModSecurity is, how it works and precisely what it does so as to protect your web sites and apps.
ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks toward script-driven websites by employing security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and protect even websites which aren't updated often. For instance, numerous failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block these activities the second it discovers them. The firewall is incredibly efficient as it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It also maintains a very detailed log of all attack attempts that features more info than conventional Apache logs, so you could later examine the data and take extra measures to increase the security of your sites if required.
ModSecurity in Cloud Web Hosting
ModSecurity is supplied with all cloud web hosting
machines, so if you opt to host your sites with our business, they shall be shielded from a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view specific logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the protection of our customers' websites seriously, we use a set of commercial rules that we get from one of the leading companies that maintain this sort of rules. Our admins also include custom rules to ensure that your sites will be protected against as many risks as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
plans which we offer come with ModSecurity and because the firewall is switched on by default, any website you build under a domain or a subdomain will be secured right from the start. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any site or activate a detection mode. With the latter, ModSecurity won't take any action, but it will still detect possible attacks and will keep all information inside a log as if it were completely active. The logs can be found in the very same section of the CP and they offer information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we employ on our web servers are a mix between commercial ones from a security company and custom ones developed by our system administrators. As a result, we offer increased security for your web programs as we can defend them from attacks even before security companies release updates for completely new threats.
ModSecurity in VPS Hosting
All virtual private servers
that are set up with the Hepsia CP come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there will not be anything special which you shall have to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any steps to prevent intrusions. You'll be able to view the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to tackle it, etcetera. We use a combination of commercial and custom rules so as to ensure that ModSecurity shall stop as many threats as possible, thus improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the server. In the event that a web app doesn't operate properly, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which might take place, but will not take any action to stop it. The logs produced in active or passive mode will present you with more details about the exact file which was attacked, the type of the attack and the IP it originated from, etcetera. This data will allow you to decide what steps you can take to improve the safety of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated often with a commercial pack from a third-party security firm we work with, but oftentimes our administrators include their own rules also in case they discover a new potential threat.