Discover what ModSecurity actually is, what it does and what exactly it does to protect your web sites and web applications.
ModSecurity is an effective firewall for Apache web servers that's employed to prevent attacks towards web apps. It keeps track of the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for example, attempting to log in to a script administrator area unsuccessfully many times activates one rule, sending a request to execute a particular file that may result in accessing the website triggers a different rule, and so on. ModSecurity is among the best firewalls around and it'll protect even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Quite comprehensive info about each and every intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the conventional logs provided by the Apache server, so you can later analyze them and determine whether you need to take extra measures so as to enhance the security of your script-driven websites.
ModSecurity in Shared Website Hosting
ModSecurity comes standard with all shared website hosting
solutions that we supply and it shall be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with just a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for any of your Internet sites shall feature comprehensive information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and comprise of both commercial ones which we get from a third-party security company and custom ones our system admins include in case that they detect a new sort of attacks. In this way, the Internet sites you host here shall be far more protected without any action required on your end.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity as a standard within all semi-dedicated hosting
products, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will allow you to activate or disable the firewall for any Internet site with a click. You shall also have the ability to turn on a passive detection mode in which ModSecurity shall maintain a log of potential attacks without actually preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, etc. The list of rules which we use is constantly updated as to match any new threats that could appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones that our admins add in case they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS
Protection is extremely important to us, so we set up ModSecurity on all virtual private servers
which are provided with the Hepsia CP as a standard. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you include a new domain or create a subdomain, so you will not need to do anything manually. You will also be able to disable it or switch on the so-called detection mode, so it'll maintain a log of potential attacks that you can later analyze, but will not block them. The logs in both passive and active modes include info about the form of the attack and how it was eliminated, what IP address it originated from and other useful data that may help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security enterprise, we also implement our own rules as occasionally we find specific attacks which aren't yet present in the commercial package. That way, we can easily increase the protection of your Virtual private server right away instead of waiting for an official update.
ModSecurity in Dedicated Hosting
ModSecurity is available as standard with all dedicated servers
which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In case that a web app doesn't operate adequately, you may either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that may occur, but shall not take any action to stop it. The logs produced in passive or active mode will give you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so on. This info shall enable you to determine what measures you can take to improve the safety of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial pack from a third-party security company we work with, but from time to time our admins include their own rules too if they come across a new potential threat.