Discover what ModSecurity is, how it works and what exactly it does in order to protect your web sites and applications.
ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to stop attacks toward script-driven Internet sites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and preserve even websites that are not updated often. For instance, a number of failed login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the moment it discovers them. The firewall is extremely efficient because it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It furthermore keeps a very comprehensive log of all attack attempts that features more info than standard Apache logs, so you could later examine the data and take additional measures to improve the security of your Internet sites if required.
ModSecurity in Cloud Web Hosting
We provide ModSecurity with all cloud web hosting
plans, so your web apps will be shielded from harmful attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it using the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover inside Hepsia are very detailed and feature data about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etcetera. We use a set of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well in order to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We've included ModSecurity by default within all semi-dedicated hosting
packages, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall allow you to activate or disable the firewall for any Internet site with a mouse click. You'll also be able to activate a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so forth. The list of rules we use is constantly updated as to match any new threats that might appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones which our admins include in the event that they discover a threat which is not present in the commercial list yet.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers
which are set up with the Hepsia hosting Control Panel, so your web apps will be secured from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the very same section and include information about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For optimum security, we employ not only commercial rules from a firm working in the field of web security, but also custom ones that our admins add personally in order to respond to new risks that are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers Hosting
ModSecurity comes with all dedicated servers
which are integrated with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it as it is enabled by default each time you add a new domain or subdomain on your hosting server. If it disrupts some of your apps, you'll be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it will detect attacks and will still maintain a log for them, but will not prevent them. You could analyze the logs later to learn what you can do to increase the protection of your Internet sites since you'll find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, etc. The rules that we employ are commercial, therefore they are regularly updated by a security company, but to be on the safe side, our admins also include custom rules occasionally as to deal with any new threats they have found.