ModSecurity
Find out what ModSecurity is, how it functions and what exactly it does to protect your websites and applications.
ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to stop attacks against script-driven Internet sites by using security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and protect even sites that aren't updated frequently. For example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it detects them. The firewall is incredibly efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It furthermore maintains a very detailed log of all attack attempts which features more information than typical Apache logs, so you can later examine the data and take extra measures to boost the security of your websites if necessary.
-
ModSecurity in Hosting
ModSecurity is supplied with all
hosting servers, so if you choose to host your sites with our firm, they will be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view specific logs via your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the protection of our customers' Internet sites seriously, we use a group of commercial rules that we take from one of the best companies that maintain such rules. Our admins also include custom rules to ensure that your sites will be resistant to as many risks as possible.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our
semi-dedicated hosting solutions and if you decide to host your websites with our company, there shall not be anything special you will have to do since the firewall is activated by default for all domains and subdomains you add via your hosting CP. If necessary, you could disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall will still work and record data, but shall not do anything to prevent potential attacks against your sites. In depth logs shall be accessible within your CP and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones which our admins often add to respond to newly discovered risks on time.
-
ModSecurity in Dedicated Hosting
If you decide to host your sites on a
dedicated server with the Hepsia Control Panel, your web applications will be secured right away because ModSecurity is available with all Hepsia-based plans. You shall be able to manage the firewall easily and if needed, you shall be able to turn it off or switch on its passive mode when it shall only maintain a log of what is going on without taking any action to prevent potential attacks. The logs which you can find within the exact same section of the Control Panel are very detailed and feature information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etc. This information will allow you to take measures and increase the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff add when they identify attacks which haven't yet been included in the commercial pack.