Find out what ModSecurity is, how it works and precisely what it can do to defend your websites and applications.
ModSecurity is a highly effective firewall for Apache web servers which is used to stop attacks against web applications. It tracks the HTTP traffic to a particular website in real time and stops any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do this - as an illustration, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a certain file which could result in gaining access to the site triggers another rule, etc. ModSecurity is one of the best firewalls on the market and it will protect even scripts that aren't updated often because it can prevent attackers from using known exploits and security holes. Quite comprehensive data about every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs generated by the Apache server, so you may later analyze them and decide whether you need to take additional measures in order to improve the protection of your script-driven Internet sites.
ModSecurity in Hosting
ModSecurity is offered with each and every hosting
solution which we offer and it is activated by default for any domain or subdomain that you include via your Hepsia Control Panel. In case it disrupts any of your applications or you would like to disable it for whatever reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with merely a click. You can also use a passive mode, so the firewall will detect possible attacks and keep a log, but shall not take any action. You can view comprehensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For max safety of our clients we use a group of commercial firewall rules combined with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web application that you set up in your new semi-dedicated hosting
account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is activated by default for any domain and subdomain that you include or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall won't stop anything, but it shall still maintain an archive of potential attacks. This requires just a mouse click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall uses 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one which our admins update personally in order to respond to recently discovered risks immediately.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers
which are provided with the Hepsia hosting CP, so your web apps will be protected from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to deactivate it with a mouse click through the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the same section and offer information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we employ not just commercial rules from a business operating in the field of web security, but also custom ones which our administrators include manually in order to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Hosting
If you opt to host your sites on a dedicated server
with the Hepsia CP, your web programs shall be secured right away because ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall effortlessly and if needed, you shall be able to turn it off or enable its passive mode when it'll only keep a log of what's going on without taking any action to prevent possible attacks. The logs which you can find within the exact same section of the Control Panel are really detailed and contain information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so on. This info will allow you to take measures and increase the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our admins include whenever they recognize attacks which have not yet been included in the commercial pack.