Find out what ModSecurity is, how it functions and just what it does to protect your Internet sites and apps.
ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks towards script-driven sites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites that aren't updated often. As an example, numerous unsuccessful login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger particular rules, so ModSecurity will block out these activities the second it identifies them. The firewall is very efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore keeps an incredibly detailed log of all attack attempts that includes more information than conventional Apache logs, so you can later analyze the data and take additional measures to boost the security of your Internet sites if required.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting
solutions, so your web apps will be resistant to destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall discover in Hepsia are extremely detailed and feature info about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, and so on. We employ a range of commercial rules that are often updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity as a standard in all semi-dedicated server
packages, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any site with a mouse click. You'll also be able to switch on a passive detection mode in which ModSecurity will maintain a log of possible attacks without actually stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack generated, where it came from, etcetera. The list of rules which we employ is regularly updated as to match any new threats that could appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our administrators include in the event that they discover a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
that are set up with the Hepsia hosting CP, so your web applications will be protected from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a mouse click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and offer information about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For best security, we employ not only commercial rules from a business working in the field of web security, but also custom ones which our admins add manually in order to respond to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers
that are set up with our Hepsia CP and you'll not need to do anything specific on your end to use it because it is enabled by default each time you add a new domain or subdomain on your web server. If it interferes with some of your apps, you will be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it will identify attacks and will still maintain a log for them, but will not prevent them. You can look at the logs later to learn what you can do to increase the security of your sites since you will find details such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, etcetera. The rules which we employ are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our staff also add custom rules from time to time as to deal with any new threats they have found.