ModSecurity
Learn what ModSecurity is, how it functions and just what it does in order to protect your Internet sites and apps.
ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks towards script-driven sites by employing security rules that contain particular expressions. This way, the firewall can block hacking and spamming attempts and protect even sites that aren't updated on a regular basis. For example, several unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the moment it detects them. The firewall is incredibly efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts which includes more info than conventional Apache logs, so you can later check out the data and take extra measures to boost the security of your sites if needed.
-
ModSecurity in Website Hosting
ModSecurity comes standard with all
website hosting solutions that we provide and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and deactivate it with only a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your sites shall feature in-depth info including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and consist of both commercial ones which we get from a third-party security company and custom ones our system administrators add in case that they detect a new kind of attacks. That way, the sites that you host here shall be way more protected without any action expected on your end.
-
ModSecurity in Semi-dedicated Hosting
We have included ModSecurity by default in all
semi-dedicated hosting packages, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any site with a mouse click. You will also have the ability to activate a passive detection mode in which ModSecurity shall maintain a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack activated, where it came from, and so forth. The list of rules we employ is constantly updated in order to match any new threats that may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators include in the event that they find a threat that's not present in the commercial list yet.
-
ModSecurity in VPS Hosting
All
virtual private servers which are set up with the Hepsia CP feature ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the server, so there will not be anything special which you will have to do to protect your websites. It shall take you only a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any measures to stop intrusions. You shall be able to look at the logs created in passive or active mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to tackle it, etcetera. We use a combination of commercial and custom rules so as to ensure that ModSecurity will block as many risks as possible, therefore enhancing the protection of your web programs as much as possible.
-
ModSecurity in Dedicated Web Hosting
All our
dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any application which you upload or install shall be properly secured from the very beginning and you'll not need to bother about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you shall find in the logs can easily allow you to to secure your websites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see if an Internet site needs an update, if you ought to block IPs from accessing your server, and so forth. Aside from the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well if they find a new threat that is not yet in the commercial bundle.