Learn what ModSecurity is, how it functions and just what it does to protect your websites and applications.
ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and in case it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the site visitors than any web server does, so you will manage to keep track of what's happening with your sites better than if you rely only on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it detects if anyone is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall software hinders the attempts instantly, after that records comprehensive info about them inside its logs. ModSecurity is amongst the very best software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.
ModSecurity in Shared Web Hosting
We offer ModSecurity with all shared web hosting
packages, so your Internet applications will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you shall be able to stop it using the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find in Hepsia are extremely detailed and include information about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etc. We employ a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web app you set up within your new semi-dedicated hosting
account will be protected by ModSecurity because the firewall is included with all our hosting packages and is switched on by default for any domain and subdomain that you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall shall not stop anything, but it shall still maintain an archive of potential attacks. This requires simply a mouse click and you will be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall uses two sets of rules on our servers - a commercial one that we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to newly discovered threats as quickly as possible.
ModSecurity in VPS Hosting
Safety is extremely important to us, so we set up ModSecurity on all virtual private servers
which are made available with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you won't need to do anything manually. You shall also be able to disable it or activate the so-called detection mode, so it shall keep a log of possible attacks which you can later analyze, but will not prevent them. The logs in both passive and active modes contain details regarding the form of the attack and how it was eliminated, what IP address it came from and other valuable data which could help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules because once in a while we discover specific attacks which are not yet present inside the commercial group. This way, we can easily enhance the security of your VPS in a timely manner as opposed to waiting for a certified update.
ModSecurity in Dedicated Web Hosting
ModSecurity comes with all dedicated servers
that are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it because it is turned on by default whenever you add a new domain or subdomain on your web server. In case it disrupts some of your applications, you shall be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it will detect attacks and shall still maintain a log for them, but shall not block them. You may look at the logs later to find out what you can do to boost the security of your Internet sites as you'll find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules which we use are commercial, thus they're frequently updated by a security company, but to be on the safe side, our admins also include custom rules from time to time in order to deal with any new threats they have discovered.