Find out what ModSecurity is, how it functions and what exactly it does so as to protect your sites and applications.
ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks against script-driven sites by employing security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and preserve even Internet sites that are not updated frequently. For example, several unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity will block these activities the second it discovers them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore maintains an incredibly comprehensive log of all attack attempts that contains more info than traditional Apache logs, so you could later check out the data and take extra measures to boost the security of your Internet sites if needed.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting
packages, so your Internet applications will be protected against malicious attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you will discover within Hepsia are very detailed and feature data about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so on. We employ a group of commercial rules which are constantly updated, but sometimes our admins include custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
packages and if you choose to host your websites with our company, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains which you add via your hosting Control Panel. If required, you could disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to prevent possible attacks against your Internet sites. Detailed logs shall be available inside your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so forth. We employ two types of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our admins occasionally add to respond to newly discovered threats on time.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
that are set up with the Hepsia hosting CP, so your web programs shall be secured from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to disable it with a click of your mouse from the corresponding section of Hepsia. You can also set it to function in detection mode, so it will keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the very same section and provide info about the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For optimum security, we use not simply commercial rules from a business working in the field of web security, but also custom ones that our administrators include personally in order to respond to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers
which are installed with the Hepsia hosting CP include ModSecurity, so any program you upload or set up will be properly secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. A separate section inside Hepsia will enable you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will see in the logs shall enable you to to secure your Internet sites better - the IP an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, etc. With this data, you'll be able to see if a website needs an update, if you need to block IPs from accessing your server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our admins include custom ones too whenever they find a new threat which is not yet a part of the commercial bundle.