Find out what ModSecurity is, how it functions and precisely what it does so as to protect your websites and apps.
ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks against web apps. It tracks the HTTP traffic to a certain site in real time and prevents any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do that - for example, attempting to log in to a script admin area without success a few times sets off one rule, sending a request to execute a specific file which may result in getting access to the website triggers a different rule, and so forth. ModSecurity is one of the best firewalls available and it will protect even scripts which are not updated frequently as it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive info about every intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs provided by the Apache server, so you may later analyze them and determine if you need to take extra measures so as to enhance the safety of your script-driven sites.
ModSecurity in Shared Hosting
ModSecurity can be found with every single shared hosting
package that we provide and it's turned on by default for any domain or subdomain which you add via your Hepsia CP. In case it disrupts any of your applications or you would like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with simply a click. You can also activate a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You can see extensive logs in the same section, including the IP where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etc. For optimum protection of our clients we use a collection of commercial firewall rules combined with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
packages that we offer come with ModSecurity and given that the firewall is turned on by default, any Internet site that you create under a domain or a subdomain will be protected right away. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it shall still recognize possible attacks and shall keep all data in a log as if it were 100% active. The logs could be found inside the exact same section of the CP and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules that we use on our servers are a mix between commercial ones from a security firm and custom ones made by our system administrators. As a result, we offer increased security for your web programs as we can shield them from attacks even before security businesses release updates for brand new threats.
ModSecurity in Dedicated Hosting
All of our dedicated servers
which are installed with the Hepsia hosting Control Panel include ModSecurity, so any application that you upload or install shall be protected from the very beginning and you'll not need to bother about common attacks or vulnerabilities. A separate section inside Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you shall see in the logs shall enable you to to secure your sites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you could see if an Internet site needs an update, whether you ought to block IPs from accessing your hosting server, and so forth. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones too every time they discover a new threat which is not yet included in the commercial bundle.