ModSecurity
Learn what ModSecurity is, what it does and just what it does to protect your web sites and web apps.
ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to prevent attacks against script-driven websites by using security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even websites that aren't updated often. For example, numerous unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger certain rules, so ModSecurity will block these activities the minute it identifies them. The firewall is quite efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It also keeps an exceptionally comprehensive log of all attack attempts which includes more information than typical Apache logs, so you could later analyze the data and take additional measures to increase the security of your websites if needed.
-
ModSecurity in Cloud Web Hosting
We provide ModSecurity with all
cloud web hosting solutions, so your Internet applications shall be resistant to malicious attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll find inside Hepsia are incredibly detailed and offer data about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our machines.
-
ModSecurity in Semi-dedicated Servers
All
semi-dedicated server solutions that we offer feature ModSecurity and since the firewall is turned on by default, any Internet site which you set up under a domain or a subdomain shall be protected straight away. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still detect possible attacks and will keep all information inside a log as if it were completely active. The logs can be found inside the exact same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules that we use on our machines are a mix of commercial ones from a security firm and custom ones created by our system administrators. As a result, we provide increased security for your web apps as we can protect them from attacks even before security firms release updates for completely new threats.
-
ModSecurity in VPS Servers
Security is extremely important to us, so we set up ModSecurity on all
VPS servers which are made available with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you will not need to do anything manually. You'll also be able to disable it or activate the so-called detection mode, so it'll keep a log of possible attacks which you can later analyze, but won't block them. The logs in both passive and active modes include information about the kind of the attack and how it was prevented, what IP address it came from and other useful data that could help you to tighten the security of your websites by updating them or blocking IPs, as an example. In addition to the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules because every now and then we find specific attacks which aren't yet present within the commercial pack. This way, we can easily improve the security of your Virtual private server promptly as opposed to waiting for an official update.
-
ModSecurity in Dedicated Servers
ModSecurity is offered as standard with all
dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the server. Just in case that a web application doesn't operate correctly, you may either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack which may happen, but will not take any action to prevent it. The logs created in active or passive mode shall provide you with more details about the exact file that was attacked, the nature of the attack and the IP it came from, etc. This data shall allow you to choose what measures you can take to increase the security of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security company we work with, but sometimes our staff add their own rules as well in the event that they come across a new potential threat.