ModSecurity
Learn what ModSecurity is, how it works and just what it does to protect your web sites and applications.
ModSecurity is an efficient firewall for Apache web servers which is used to prevent attacks towards web applications. It keeps track of the HTTP traffic to a given website in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administration area without success several times sets off one rule, sending a request to execute a specific file which may result in gaining access to the site triggers another rule, and so on. ModSecurity is amongst the best firewalls out there and it'll protect even scripts which are not updated frequently because it can prevent attackers from using known exploits and security holes. Quite detailed info about every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the regular logs provided by the Apache server, so you may later analyze them and decide whether you need to take additional measures so as to improve the security of your script-driven websites.
-
ModSecurity in Shared Website Hosting
ModSecurity is available with every single
shared website hosting plan which we offer and it is turned on by default for any domain or subdomain that you add through your Hepsia CP. In the event that it interferes with any of your programs or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity area of Hepsia with just a mouse click. You may also use a passive mode, so the firewall will recognize potential attacks and maintain a log, but shall not take any action. You could view detailed logs in the exact same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so on. For maximum protection of our clients we use a collection of commercial firewall rules combined with custom ones which are provided by our system administrators.
-
ModSecurity in Semi-dedicated Servers
Any web application that you set up within your new
semi-dedicated server account shall be protected by ModSecurity because the firewall is included with all our hosting packages and is switched on by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section in Hepsia where not only can you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall won't stop anything, but it'll still keep a record of possible attacks. This takes simply a click and you'll be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall employs two groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our admins update manually as to respond to recently discovered risks immediately.
-
ModSecurity in VPS Servers
Safety is essential to us, so we install ModSecurity on all
VPS servers which are provided with the Hepsia CP by default. The firewall can be managed via a dedicated section within Hepsia and is activated automatically when you add a new domain or create a subdomain, so you won't have to do anything personally. You shall also be able to disable it or turn on the so-called detection mode, so it'll maintain a log of possible attacks that you can later examine, but shall not stop them. The logs in both passive and active modes offer information regarding the kind of the attack and how it was stopped, what IP it came from and other important information that may help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules because from time to time we detect specific attacks which are not yet present inside the commercial package. That way, we could improve the protection of your VPS promptly rather than awaiting an official update.
-
ModSecurity in Dedicated Servers
ModSecurity comes with all
dedicated servers that are integrated with our Hepsia CP and you'll not need to do anything specific on your end to employ it since it is activated by default whenever you add a new domain or subdomain on your hosting server. If it interferes with some of your apps, you'll be able to stop it through the respective part of Hepsia, or you can leave it operating in passive mode, so it will detect attacks and will still maintain a log for them, but will not stop them. You may analyze the logs later to find out what you can do to enhance the protection of your sites since you'll find information such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules which we employ are commercial, therefore they are regularly updated by a security company, but to be on the safe side, our staff also include custom rules from time to time in order to respond to any new threats they have identified.