ModSecurity
Learn what ModSecurity is really, the way it works and what precisely it will do to shield your websites and applications.
ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks toward web apps. It monitors the HTTP traffic to a given site in real time and stops any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administration area without success many times triggers one rule, sending a request to execute a particular file that could result in accessing the site triggers a different rule, and so forth. ModSecurity is among the best firewalls out there and it'll protect even scripts which are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite comprehensive data about each intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the regular logs created by the Apache server, so you could later analyze them and decide whether you need to take extra measures so as to improve the protection of your script-driven Internet sites.
-
ModSecurity in Shared Hosting
ModSecurity is provided with all
shared hosting web servers, so if you decide to host your sites with our firm, they shall be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs via your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our customers' websites very seriously, we employ a group of commercial rules which we take from one of the top firms that maintain this type of rules. Our administrators also include custom rules to ensure that your websites shall be resistant to as many threats as possible.
-
ModSecurity in Semi-dedicated Servers
Any web app which you set up within your new
semi-dedicated server account will be protected by ModSecurity since the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain you include or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area within Hepsia where not only could you activate or deactivate it fully, but you could also activate a passive mode, so the firewall shall not stop anything, but it shall still maintain an archive of possible attacks. This takes simply a mouse click and you shall be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually in order to respond to recently discovered risks at the earliest opportunity.
-
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based
VPS servers we offer and it'll be turned on automatically for any new domain or subdomain which you add on the hosting server. That way, any web app which you install shall be secured right from the start without doing anything manually on your end. The firewall could be handled via the section of the CP which has the same name. This is the area whereyou can disable ModSecurity or enable its passive mode, so it shall not take any action against threats, but shall still keep a comprehensive log. The recorded information is available in the same area as well and you shall be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a mixture between commercial ones which we get from a security organization and custom ones that are included by our staff to optimize the security of any web apps hosted on our end.
-
ModSecurity in Dedicated Servers
All of our
dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or install shall be protected from the very beginning and you won't need to bother about common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs can easily enable you to to secure your sites better - the IP an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this information, you can see whether a site needs an update, whether you ought to block IPs from accessing your server, etc. Besides the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones as well whenever they come across a new threat which is not yet in the commercial bundle.