Discover what ModSecurity is in fact, how it operates and what actually it can do to guard your sites and web applications.
ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to stop attacks against script-driven Internet sites through the use of security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and protect even Internet sites which are not updated frequently. For example, a number of unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the instant it identifies them. The firewall is quite efficient as it monitors the entire HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore maintains a very thorough log of all attack attempts which contains more info than traditional Apache logs, so you can later analyze the data and take additional measures to enhance the security of your sites if required.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting
plans, so your Internet apps will be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective section of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you will discover in Hepsia are very detailed and include data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules that are regularly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity by default inside all semi-dedicated hosting
plans, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any site with a click. You shall also have the ability to switch on a passive detection mode with which ModSecurity will maintain a log of potential attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, etcetera. The list of rules we use is frequently updated in order to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones which our administrators include if they discover a threat that's not present within the commercial list yet.
ModSecurity in VPS Hosting
All virtual private servers
which are set up with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the server, so there won't be anything special which you'll have to do to protect your websites. It'll take you simply a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what happens without taking any steps to stop intrusions. You shall be able to see the logs generated in passive or active mode from the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to handle it, etcetera. We use a combination of commercial and custom rules in order to make certain that ModSecurity shall block as many threats as possible, hence improving the protection of your web programs as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all dedicated servers
that are set up with our Hepsia CP and you'll not need to do anything specific on your end to employ it since it is switched on by default each time you add a new domain or subdomain on your web server. In the event that it disrupts any of your applications, you will be able to stop it via the respective section of Hepsia, or you could leave it working in passive mode, so it will detect attacks and shall still maintain a log for them, but shall not prevent them. You can analyze the logs later to learn what you can do to increase the security of your sites as you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, etc. The rules that we use are commercial, therefore they are constantly updated by a security company, but to be on the safe side, our staff also add custom rules occasionally in order to react to any new threats they have identified.