Learn what ModSecurity is, how it works and precisely what it does to protect your web sites and applications.
ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the site visitors than any server does, so you will be able to monitor what's happening with your sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it recognizes if someone is attempting to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall program blocks the attempts instantly, then records detailed info about them in its logs. ModSecurity is one of the very best software firewalls on the market and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting
solutions, so your web apps will be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you will be able to stop it through the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you will discover inside Hepsia are very detailed and feature information about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so forth. We use a set of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity by default inside all semi-dedicated hosting
products, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to enable or disable the firewall for any site with a click. You will also be able to switch on a passive detection mode with which ModSecurity will maintain a log of possible attacks without really stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack generated, where it originated from, and so on. The list of rules that we use is frequently updated as to match any new risks which may appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our admins add if they discover a threat that is not present inside the commercial list yet.
ModSecurity in VPS
Protection is vital to us, so we install ModSecurity on all virtual private servers
which are made available with the Hepsia CP as a standard. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not have to do anything personally. You shall also be able to deactivate it or activate the so-called detection mode, so it shall keep a log of possible attacks that you can later analyze, but won't stop them. The logs in both passive and active modes contain information about the type of the attack and how it was stopped, what IP address it originated from and other important info which might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules because from time to time we find specific attacks which aren't yet present in the commercial group. This way, we could increase the protection of your Virtual private server immediately rather than awaiting an official update.
ModSecurity in Dedicated Hosting
If you choose to host your Internet sites on a dedicated server
with the Hepsia CP, your web apps shall be secured straight away because ModSecurity is available with all Hepsia-based solutions. You shall be able to manage the firewall effortlessly and if needed, you will be able to turn it off or activate its passive mode when it'll only keep a log of what is occurring without taking any action to prevent possible attacks. The logs that you will find within the exact same section of the CP are extremely detailed and feature data about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etcetera. This data shall allow you to take measures and increase the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators include when they detect attacks that haven't yet been included inside the commercial pack.