Discover what ModSecurity is, how it functions and just what it does to protect your web sites and applications.
ModSecurity is an efficient firewall for Apache web servers that is used to stop attacks against web applications. It keeps track of the HTTP traffic to a given site in real time and prevents any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do this - for example, attempting to log in to a script administration area unsuccessfully many times triggers one rule, sending a request to execute a particular file which could result in accessing the website triggers a different rule, etcetera. ModSecurity is among the best firewalls on the market and it'll preserve even scripts which are not updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Quite thorough data about each intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the conventional logs provided by the Apache server, so you could later take a look at them and determine if you need to take additional measures so as to increase the protection of your script-driven sites.
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all shared web hosting
solutions which we offer and it shall be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your Internet sites will contain in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and comprise of both commercial ones which we get from a third-party security business and custom ones which our system administrators add in case that they detect a new sort of attacks. In this way, the Internet sites which you host here will be a lot more protected without any action expected on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
packages which we offer feature ModSecurity and because the firewall is switched on by default, any Internet site which you create under a domain or a subdomain will be secured right from the start. A separate section in the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to start and stop the firewall for any site or switch on a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still detect possible attacks and will keep all data inside a log as if it were 100% active. The logs can be found in the exact same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules which we use on our web servers are a mix between commercial ones from a security business and custom ones developed by our system administrators. As a result, we offer increased security for your web apps as we can shield them from attacks even before security firms release updates for brand new threats.
ModSecurity in VPS Hosting
All virtual private servers
which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there shall not be anything special which you will have to do to protect your websites. It will take you simply a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any measures to stop intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall used to take care of it, and so on. We use a mix of commercial and custom rules in order to make sure that ModSecurity shall block out as many threats as possible, hence boosting the security of your web programs as much as possible.
ModSecurity in Dedicated Web Hosting
If you opt to host your sites on a dedicated server
with the Hepsia CP, your web programs shall be protected immediately since ModSecurity is available with all Hepsia-based plans. You will be able to control the firewall without difficulty and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only keep a log of what's taking place without taking any action to prevent potential attacks. The logs which you will find within the same section of the Control Panel are incredibly detailed and feature information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This data shall permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins add when they recognize attacks that haven't yet been included inside the commercial pack.