Find out what ModSecurity is really, what it does and precisely what it can do to guard your sites and applications.
ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks toward script-driven websites by using security rules which contain certain expressions. This way, the firewall can block hacking and spamming attempts and preserve even sites that aren't updated regularly. For instance, a number of unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the minute it discovers them. The firewall is quite efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any harm is done. It also keeps an incredibly thorough log of all attack attempts which features more information than typical Apache logs, so you can later examine the data and take further measures to enhance the security of your websites if needed.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting
packages, so your web apps will be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you'll be able to stop it through the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will find in Hepsia are extremely detailed and include info about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so forth. We use a set of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting
plans and if you choose to host your websites with our company, there won't be anything special you will have to do since the firewall is turned on by default for all domains and subdomains you add via your hosting Control Panel. If needed, you can disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall shall still function and record info, but won't do anything to stop possible attacks on your sites. Thorough logs will be available in your Control Panel and you will be able to see what sort of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so forth. We employ two types of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones that our admins occasionally add to respond to newly discovered threats on time.
ModSecurity in VPS Web Hosting
All virtual private servers
that are offered with the Hepsia CP feature ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the machine, so there will not be anything special that you'll have to do to protect your sites. It will take you a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any actions to prevent intrusions. You'll be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to take care of it, etc. We employ a combination of commercial and custom rules so as to ensure that ModSecurity shall block out as many risks as possible, therefore increasing the security of your web programs as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is offered by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In the event that a web app doesn't work adequately, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which could take place, but shall not take any action to stop it. The logs generated in passive or active mode shall present you with additional details about the exact file that was attacked, the type of the attack and the IP it originated from, etc. This information will allow you to decide what actions you can take to improve the protection of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial bundle from a third-party security firm we work with, but from time to time our admins add their own rules as well if they find a new potential threat.