Learn what ModSecurity actually is, what it does and what actually it will do to guard your sites and web apps.
ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks toward script-driven websites by using security rules that contain specific expressions. This way, the firewall can block hacking and spamming attempts and protect even Internet sites that aren't updated on a regular basis. As an example, multiple failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the minute it discovers them. The firewall is incredibly efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It also maintains an exceptionally comprehensive log of all attack attempts which contains more information than standard Apache logs, so you can later check out the data and take further measures to boost the security of your websites if required.
ModSecurity in Shared Web Hosting
ModSecurity is available on all shared web hosting
web servers, so if you choose to host your sites with our organization, they will be protected against a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. Since we take the security of our clients' websites very seriously, we employ a selection of commercial rules that we take from one of the leading firms that maintain this sort of rules. Our admins also add custom rules to make sure that your websites shall be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity by default in all semi-dedicated server
plans, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any Internet site with a mouse click. You'll also have the ability to turn on a passive detection mode in which ModSecurity shall maintain a log of potential attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack generated, where it originated from, and so forth. The list of rules which we employ is frequently updated as to match any new threats that may appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones which our administrators add in case they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers
that are set up with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the machine, so there will not be anything special which you'll have to do to protect your sites. It'll take you just a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You'll be able to look at the logs created in active or passive mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to handle it, etc. We use a combination of commercial and custom rules so as to make sure that ModSecurity shall block as many risks as possible, consequently boosting the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers
All our dedicated servers
that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or install shall be secured from the very beginning and you'll not have to bother about common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will see in the logs can help you to secure your websites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this data, you could see whether a site needs an update, if you ought to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones as well whenever they discover a new threat that's not yet included in the commercial bundle.