Learn what ModSecurity is, how it works and precisely what it does so as to protect your Internet sites and applications.
ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks toward web apps. It monitors the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script administrator area unsuccessfully a few times activates one rule, sending a request to execute a specific file which may result in getting access to the site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls available on the market and it'll preserve even scripts which aren't updated on a regular basis as it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive info about every single intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs provided by the Apache server, so you could later analyze them and determine if you need to take extra measures so as to improve the security of your script-driven Internet sites.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting
plans, so your web applications will be protected against destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you'll discover within Hepsia are quite detailed and offer information about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etc. We use a range of commercial rules that are regularly updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity as a standard inside all semi-dedicated server
products, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to enable or disable the firewall for any site with a click. You'll also be able to activate a passive detection mode in which ModSecurity will maintain a log of possible attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack caused, where it originated from, and so on. The list of rules we use is frequently updated in order to match any new threats that could appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our administrators add in the event that they discover a threat which is not present within the commercial list yet.
ModSecurity in VPS Servers
All VPS servers
which are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the machine, so there will not be anything special that you shall have to do to protect your sites. It'll take you just a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what occurs without taking any measures to prevent intrusions. You will be able to see the logs generated in active or passive mode from the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to deal with it, and so forth. We use a mix of commercial and custom rules so as to make certain that ModSecurity shall stop as many threats as possible, consequently improving the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
When you opt to host your websites on a dedicated server
with the Hepsia Control Panel, your web applications will be protected straight away because ModSecurity is provided with all Hepsia-based solutions. You shall be able to regulate the firewall easily and if necessary, you will be able to turn it off or enable its passive mode when it shall only keep a log of what is occurring without taking any action to stop potential attacks. The logs that you'll find in the same section of the CP are extremely detailed and include information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so on. This information shall enable you to take measures and increase the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include whenever they detect attacks which haven't yet been included within the commercial pack.