ModSecurity
Find out what ModSecurity is, how it functions and what exactly it does in order to protect your Internet sites and applications.
ModSecurity is an effective firewall for Apache web servers which is employed to stop attacks towards web applications. It monitors the HTTP traffic to a particular website in real time and prevents any intrusion attempts the moment it detects them. The firewall uses a set of rules to accomplish that - as an illustration, trying to log in to a script administration area unsuccessfully many times activates one rule, sending a request to execute a specific file which could result in gaining access to the website triggers another rule, etcetera. ModSecurity is among the best firewalls around and it will protect even scripts which are not updated often because it can prevent attackers from using known exploits and security holes. Quite comprehensive data about every intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the regular logs generated by the Apache server, so you could later take a look at them and decide if you need to take additional measures so as to increase the safety of your script-driven sites.
-
ModSecurity in Shared Website Hosting
We provide ModSecurity with all
shared website hosting solutions, so your Internet apps will be shielded from malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll find within Hepsia are quite detailed and offer info about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, and so forth. We employ a group of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the sites hosted on our servers.
-
ModSecurity in Semi-dedicated Hosting
Any web program you install in your new
semi-dedicated hosting account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain you add or create through your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall won't block anything, but it'll still keep a record of potential attacks. This takes just a mouse click and you shall be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, and so forth. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one which our admins update manually as to respond to newly discovered risks at the earliest opportunity.
-
ModSecurity in VPS Hosting
All
virtual private servers which are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there shall not be anything special that you will have to do to protect your websites. It'll take you a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any actions to prevent intrusions. You'll be able to view the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to take care of it, and so forth. We use a mixture of commercial and custom rules in order to make certain that ModSecurity shall block out as many risks as possible, hence enhancing the security of your web applications as much as possible.
-
ModSecurity in Dedicated Web Hosting
All of our
dedicated servers that are installed with the Hepsia hosting CP include ModSecurity, so any application which you upload or set up will be secured from the very beginning and you will not have to bother about common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you'll find in the logs shall allow you to to secure your websites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you'll be able to see whether an Internet site needs an update, if you should block IPs from accessing your hosting server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too if they discover a new threat that's not yet included in the commercial bundle.