ModSecurity
Learn what ModSecurity actually is, the way it works and precisely what it will do to guard your sites and web applications.
ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the website visitors than any web server does, so you shall manage to keep track of what's happening with your websites a lot better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether someone is attempting to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the firewall hinders the attempts instantly, and then records detailed information about them in its logs. ModSecurity is amongst the most effective software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.
-
ModSecurity in Cloud Hosting
ModSecurity comes by default with all
cloud hosting plans that we supply and it shall be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites will include detailed information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and incorporate both commercial ones that we get from a third-party security company and custom ones our system admins include in the event that they detect a new type of attacks. In this way, the Internet sites you host here will be far more secure without any action expected on your end.
-
ModSecurity in Semi-dedicated Hosting
All
semi-dedicated hosting packages which we offer include ModSecurity and given that the firewall is enabled by default, any website which you build under a domain or a subdomain will be protected straight away. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still detect possible attacks and will keep all info in a log as if it were completely active. The logs could be found in the same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules that we employ on our servers are a mix of commercial ones from a security company and custom ones developed by our system admins. For that reason, we offer increased security for your web programs as we can protect them from attacks before security businesses release updates for new threats.
-
ModSecurity in Dedicated Web Hosting
All our
dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any program you upload or set up shall be properly secured from the very beginning and you'll not have to concern yourself with common attacks or vulnerabilities. A separate section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you shall see in the logs can enable you to to secure your Internet sites better - the IP address an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this information, you could see whether a website needs an update, whether you need to block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well whenever they discover a new threat which is not yet a part of the commercial bundle.