ModSecurity
Learn what ModSecurity is really, how it operates and just what it will do to protect your web sites and apps.
ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the site visitors than any web server does, so you'll manage to keep an eye on what is going on with your Internet sites better than if you rely only on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it detects whether someone is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a certain command. In these situations these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, after that records in-depth information about them in its logs. ModSecurity is among the very best software firewalls out there and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
-
ModSecurity in Hosting
ModSecurity comes by default with all
hosting plans that we provide and it shall be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and disable it with a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your Internet sites shall feature in-depth information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security firm and custom ones which our system administrators include in case that they detect a new sort of attacks. That way, the sites that you host here will be far more protected with no action needed on your end.
-
ModSecurity in Semi-dedicated Servers
Any web app that you set up in your new
semi-dedicated server account will be protected by ModSecurity because the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section within Hepsia where not simply can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall won't block anything, but it will still maintain a record of potential attacks. This normally requires simply a click and you shall be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall uses two sets of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our administrators update personally in order to respond to recently discovered risks immediately.
-
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based
VPS servers we offer and it shall be switched on automatically for every new domain or subdomain that you add on the server. This way, any web application that you install shall be protected from the very beginning without doing anything personally on your end. The firewall can be managed through the section of the Control Panel that has the same name. This is the place whereyou can switch off ModSecurity or enable its passive mode, so it will not take any action against threats, but shall still keep a detailed log. The recorded information is available within the same section as well and you'll be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we use on our servers are a mix between commercial ones we obtain from a security company and custom ones which are included by our administrators to improve the protection of any web apps hosted on our end.
-
ModSecurity in Dedicated Servers
If you decide to host your sites on a
dedicated server with the Hepsia CP, your web apps shall be protected immediately as ModSecurity is supplied with all Hepsia-based packages. You shall be able to control the firewall effortlessly and if needed, you will be able to turn it off or enable its passive mode when it'll only keep a log of what's going on without taking any action to prevent potential attacks. The logs which you can find in the same section of the Control Panel are incredibly detailed and feature details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etcetera. This information shall permit you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff add every time they detect attacks that have not yet been included within the commercial pack.