Discover what ModSecurity is in fact, how it works and just what exactly it will do to shield your websites and applications.
ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks towards script-driven websites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites which are not updated often. For instance, multiple unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script will trigger certain rules, so ModSecurity will stop these activities the minute it discovers them. The firewall is very efficient as it screens the entire HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any harm is done. It also maintains an exceptionally detailed log of all attack attempts that includes more information than traditional Apache logs, so you can later examine the data and take extra measures to boost the security of your Internet sites if necessary.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting
plans, so your Internet apps shall be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective section of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find within Hepsia are incredibly detailed and feature information about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so on. We use a group of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well in order to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting
solutions and if you choose to host your websites with our company, there shall not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains that you add using your hosting Control Panel. If necessary, you could disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall will still operate and record info, but won't do anything to stop potential attacks against your Internet sites. Comprehensive logs will be available in your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etcetera. We employ two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones which our administrators occasionally add to respond to newly identified risks in a timely manner.
ModSecurity in VPS Web Hosting
All virtual private servers
that are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the server, so there won't be anything special that you'll have to do to protect your sites. It'll take you a click to stop ModSecurity if required or to activate its passive mode so that it records what occurs without taking any actions to prevent intrusions. You will be able to see the logs generated in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to handle it, and so forth. We employ a combination of commercial and custom rules so as to make sure that ModSecurity will stop as many threats as possible, hence boosting the security of your web programs as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is offered as standard with all dedicated servers
which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In case that a web application doesn't work adequately, you could either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which could occur, but won't take any action to prevent it. The logs created in active or passive mode will give you additional details about the exact file which was attacked, the type of the attack and the IP it originated from, etcetera. This data shall permit you to decide what steps you can take to increase the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated often with a commercial bundle from a third-party security firm we work with, but occasionally our administrators add their own rules also in the event that they identify a new potential threat.