Find out what ModSecurity is, how it works and what exactly it does to protect your Internet sites and applications.
ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks against web apps. It tracks the HTTP traffic to a specific website in real time and stops any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script admin area unsuccessfully several times sets off one rule, sending a request to execute a particular file which may result in getting access to the website triggers a different rule, and so on. ModSecurity is amongst the best firewalls on the market and it will secure even scripts which aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite thorough data about every single intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the conventional logs generated by the Apache server, so you can later take a look at them and determine if you need to take more measures in order to increase the security of your script-driven websites.
ModSecurity in Web Hosting
ModSecurity is offered with each web hosting
solution that we provide and it's activated by default for every domain or subdomain which you include via your Hepsia Control Panel. In the event that it disrupts any of your apps or you'd like to disable it for whatever reason, you'll be able to achieve that through the ModSecurity section of Hepsia with only a mouse click. You can also use a passive mode, so the firewall will recognize possible attacks and keep a log, but shall not take any action. You'll be able to view detailed logs in the same section, including the IP address where the attack came from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum safety of our customers we use a collection of commercial firewall rules blended with custom ones which are added by our system administrators.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity as a standard within all semi-dedicated server
plans, so your web applications will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will permit you to activate or disable the firewall for any Internet site with a mouse click. You shall also have the ability to switch on a passive detection mode with which ModSecurity shall keep a log of possible attacks without actually stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack initiated, where it originated from, and so on. The list of rules which we use is constantly updated as to match any new risks that may appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our admins include in case they find a threat that's not present inside the commercial list yet.
ModSecurity in Dedicated Servers
All of our dedicated servers
which are installed with the Hepsia hosting CP feature ModSecurity, so any application which you upload or install will be properly secured from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you shall discover in the logs can easily allow you to to secure your websites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this data, you could see whether a website needs an update, if you should block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well every time they discover a new threat which is not yet included in the commercial bundle.