ModSecurity
Learn how having ModSecurity enabled within your web hosting account can help silently with your web site security.
ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks towards web applications. It keeps track of the HTTP traffic to a given website in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to do that - as an illustration, trying to log in to a script administration area without success many times sets off one rule, sending a request to execute a specific file that could result in accessing the website triggers another rule, and so forth. ModSecurity is among the best firewalls available and it will protect even scripts that are not updated frequently because it can prevent attackers from employing known exploits and security holes. Quite detailed info about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the regular logs created by the Apache server, so you could later analyze them and determine if you need to take more measures in order to increase the safety of your script-driven Internet sites.
-
ModSecurity in Cloud Web Hosting
ModSecurity is offered with every
cloud web hosting solution that we provide and it's activated by default for every domain or subdomain which you add via your Hepsia CP. In the event that it disrupts any of your apps or you would like to disable it for some reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with just a mouse click. You could also activate a passive mode, so the firewall will discover potential attacks and maintain a log, but shall not take any action. You could view comprehensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For maximum security of our customers we use a group of commercial firewall rules blended with custom ones that are included by our system admins.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our
semi-dedicated hosting plans and if you decide to host your websites with our company, there will not be anything special you'll need to do since the firewall is switched on by default for all domains and subdomains you add via your hosting CP. If required, you can disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to prevent possible attacks against your sites. In depth logs shall be accessible within your Control Panel and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so on. We use 2 sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones which our administrators occasionally add to respond to newly discovered threats in a timely manner.
-
ModSecurity in VPS Web Hosting
Safety is very important to us, so we set up ModSecurity on all
virtual private servers which are set up with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section within Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything manually. You'll also be able to disable it or activate the so-called detection mode, so it will maintain a log of possible attacks you can later study, but will not stop them. The logs in both passive and active modes offer information about the form of the attack and how it was eliminated, what IP address it originated from and other valuable info which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. In addition to the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules because once in a while we identify specific attacks that aren't yet present within the commercial pack. This way, we could boost the protection of your VPS right away instead of waiting for an official update.
-
ModSecurity in Dedicated Servers Hosting
ModSecurity is available as standard with all
dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In case that a web app does not operate properly, you may either disable the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that might occur, but won't take any action to stop it. The logs generated in active or passive mode will present you with additional details about the exact file that was attacked, the nature of the attack and the IP address it came from, and so forth. This info will enable you to choose what actions you can take to boost the security of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security provider we work with, but from time to time our staff add their own rules also when they find a new potential threat.