ModSecurity
Discover what ModSecurity is, how it works and what exactly it does to protect your Internet sites and applications.
ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks against script-driven Internet sites through the use of security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and protect even Internet sites that are not updated frequently. For instance, a number of unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is very efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore keeps a very detailed log of all attack attempts which features more information than typical Apache logs, so you could later examine the data and take additional measures to improve the security of your Internet sites if required.
-
ModSecurity in Shared Web Hosting
ModSecurity can be found with each
shared web hosting package that we provide and it's turned on by default for every domain or subdomain which you include via your Hepsia Control Panel. In the event that it disrupts any of your programs or you would like to disable it for some reason, you will be able to do that through the ModSecurity area of Hepsia with simply a click. You can also enable a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You'll be able to view detailed logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum safety of our customers we use a group of commercial firewall rules blended with custom ones that are included by our system admins.
-
ModSecurity in Semi-dedicated Servers
All
semi-dedicated server packages that we offer include ModSecurity and given that the firewall is turned on by default, any website you build under a domain or a subdomain shall be protected right from the start. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all information within a log as if it were 100% active. The logs can be found within the same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules which we use on our machines are a mix of commercial ones from a security firm and custom ones made by our system admins. For that reason, we offer higher security for your web applications as we can shield them from attacks before security businesses release updates for new threats.
-
ModSecurity in VPS Servers
Safety is very important to us, so we install ModSecurity on all
VPS servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you'll not have to do anything by hand. You will also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of possible attacks which you can later study, but will not prevent them. The logs in both passive and active modes offer details regarding the type of the attack and how it was stopped, what IP it originated from and other important info which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. In addition to the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules since every now and then we detect specific attacks that are not yet present inside the commercial pack. This way, we could increase the protection of your Virtual private server right away rather than waiting for a certified update.
-
ModSecurity in Dedicated Servers
When you opt to host your Internet sites on a
dedicated server with the Hepsia CP, your web applications will be protected right from the start since ModSecurity is available with all Hepsia-based solutions. You shall be able to manage the firewall without difficulty and if needed, you will be able to turn it off or activate its passive mode when it will only keep a log of what is taking place without taking any action to prevent possible attacks. The logs which you can find within the exact same section of the Control Panel are incredibly detailed and feature information about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etcetera. This information will allow you to take measures and boost the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff include whenever they recognize attacks which haven't yet been included inside the commercial pack.