ModSecurity
Find out what ModSecurity is really, what it does and just what exactly it can do to defend your web sites and apps.
ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks toward web applications. It keeps track of the HTTP traffic to a specific website in real time and blocks any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administration area without success many times sets off one rule, sending a request to execute a certain file that may result in getting access to the website triggers a different rule, etc. ModSecurity is one of the best firewalls available on the market and it will protect even scripts that aren't updated regularly since it can prevent attackers from employing known exploits and security holes. Incredibly thorough information about each and every intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the conventional logs provided by the Apache server, so you can later examine them and determine whether you need to take additional measures so as to improve the security of your script-driven websites.
-
ModSecurity in Cloud Hosting
ModSecurity is supplied with all
cloud hosting machines, so when you opt to host your sites with our firm, they shall be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the safety of our customers' Internet sites very seriously, we employ a collection of commercial rules that we get from one of the top companies that maintain this sort of rules. Our admins also include custom rules to ensure that your sites will be protected against as many threats as possible.
-
ModSecurity in Semi-dedicated Servers
We have integrated ModSecurity as a standard in all
semi-dedicated server products, so your web apps shall be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any website with a mouse click. You shall also be able to turn on a passive detection mode through which ModSecurity shall keep a log of possible attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules that we use is constantly updated as to match any new threats which might appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our administrators include in case they find a threat which is not present in the commercial list yet.
-
ModSecurity in VPS Servers
ModSecurity is pre-installed on all
VPS servers that are set up with the Hepsia hosting CP, so your web apps shall be protected from the moment your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you can deactivate it with a click of your mouse from the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to stop them. The logs are available in the same section and provide information regarding the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For best security, we employ not only commercial rules from a firm working in the field of web security, but also custom ones that our admins include personally in order to respond to new threats that are still not dealt with in the commercial rules.
-
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all
dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In case that a web application does not function properly, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which could happen, but will not take any action to stop it. The logs generated in active or passive mode shall give you additional details about the exact file which was attacked, the form of the attack and the IP it came from, and so on. This data shall allow you to decide what actions you can take to improve the security of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial bundle from a third-party security provider we work with, but oftentimes our admins include their own rules also in case they identify a new potential threat.