Discover what ModSecurity is, how it works and what exactly it does in order to protect your sites and applications.
ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the traffic than any server does, so you shall be able to keep an eye on what's happening with your Internet sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects if somebody is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a particular command. In these cases these attempts set off the corresponding rules and the firewall hinders the attempts immediately, after that records in-depth info about them in its logs. ModSecurity is one of the best software firewalls available and it can easily protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Hosting
We provide ModSecurity with all hosting
plans, so your Internet applications will be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you will be able to stop it using the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll discover inside Hepsia are extremely detailed and include information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
packages and if you decide to host your sites with our company, there won't be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains you include using your hosting Control Panel. If required, you could disable ModSecurity for a particular Internet site or activate the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent potential attacks against your sites. Thorough logs will be available in your Control Panel and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our admins occasionally include to respond to newly discovered risks in a timely manner.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers
we offer and it shall be activated automatically for every new domain or subdomain you add on the server. In this way, any web application you install shall be protected right away without doing anything personally on your end. The firewall may be handled from the section of the Control Panel that bears the same name. This is the location whereyou could switch off ModSecurity or activate its passive mode, so it won't take any action towards threats, but shall still maintain a thorough log. The recorded information is available within the same area as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we employ on our servers are a blend between commercial ones that we get from a security organization and custom ones which are added by our staff to enhance the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
When you opt to host your websites on a dedicated server
with the Hepsia Control Panel, your web programs shall be secured right from the start since ModSecurity is provided with all Hepsia-based packages. You will be able to control the firewall effortlessly and if required, you'll be able to turn it off or enable its passive mode when it shall only maintain a log of what is going on without taking any action to stop potential attacks. The logs which you can find within the exact same section of the CP are incredibly detailed and contain info about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This data shall allow you to take measures and increase the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our administrators add when they detect attacks that haven't yet been included within the commercial pack.