Discover what ModSecurity is really, the way it works and just what exactly it will do to protect your sites and apps.
ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks towards web applications. It tracks the HTTP traffic to a particular website in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area unsuccessfully many times activates one rule, sending a request to execute a particular file that could result in gaining access to the site triggers a different rule, and so on. ModSecurity is amongst the best firewalls on the market and it will secure even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Very comprehensive information about each intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the standard logs generated by the Apache server, so you could later analyze them and determine if you need to take additional measures in order to boost the protection of your script-driven websites.
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all shared web hosting
plans that we provide and it shall be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with just a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will feature comprehensive information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and consist of both commercial ones that we get from a third-party security company and custom ones our system administrators include in the event that they detect a new sort of attacks. This way, the Internet sites you host here shall be way more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
We have incorporated ModSecurity by default in all semi-dedicated server
plans, so your web applications will be protected whenever you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will permit you to switch on or disable the firewall for any Internet site with a mouse click. You will also be able to activate a passive detection mode through which ModSecurity will keep a log of potential attacks without really preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack caused, where it originated from, and so forth. The list of rules that we employ is frequently updated in order to match any new risks that might appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones that our admins add in the event that they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
that are set up with the Hepsia hosting CP, so your web programs will be protected from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a mouse click from the corresponding section of Hepsia. You may also set it to work in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to stop them. The logs are available in the exact same section and provide information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not only commercial rules from a business operating in the field of web security, but also custom ones which our administrators add personally in order to react to new risks which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers
that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. Just in case that a web app doesn't function correctly, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any potential attack which might occur, but will not take any action to stop it. The logs produced in active or passive mode will give you more details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so forth. This data will enable you to choose what steps you can take to enhance the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial pack from a third-party security provider we work with, but from time to time our admins include their own rules too when they identify a new potential threat.