Discover what ModSecurity actually is, how it works and just what exactly it does to defend your sites and web applications.
ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to stop attacks towards script-driven sites through the use of security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and protect even sites that are not updated on a regular basis. For example, a number of unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the second it identifies them. The firewall is very efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also keeps an incredibly detailed log of all attack attempts that features more info than conventional Apache logs, so you can later analyze the data and take extra measures to increase the security of your websites if necessary.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting
plans, so your web apps shall be shielded from destructive attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find inside Hepsia are extremely detailed and feature data about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etc. We use a group of commercial rules that are frequently updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
Any web application you install inside your new semi-dedicated server
account shall be protected by ModSecurity because the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain that you include or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated area in Hepsia where not simply can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall will not block anything, but it'll still keep a record of potential attacks. This normally requires simply a click and you shall be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etcetera. The firewall employs 2 sets of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally as to respond to recently discovered threats as fast as possible.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers
that we offer and it will be activated automatically for every new domain or subdomain which you add on the machine. In this way, any web app that you install shall be secured from the very beginning without doing anything by hand on your end. The firewall may be handled through the section of the Control Panel which bears the same name. This is the location in whichyou'll be able to turn off ModSecurity or let its passive mode, so it will not take any action toward threats, but will still keep a detailed log. The recorded data is available within the same section as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we use on our servers are a mix between commercial ones we obtain from a security company and custom ones that are added by our admins to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
All of our dedicated servers
that are set up with the Hepsia hosting CP include ModSecurity, so any app you upload or install shall be secured from the very beginning and you'll not have to concern yourself with common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall see in the logs can easily enable you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this information, you could see whether an Internet site needs an update, if you should block IPs from accessing your web server, etc. On top of the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well every time they find a new threat that is not yet a part of the commercial bundle.