ModSecurity
Find out what ModSecurity is, how it functions and precisely what it does to protect your Internet sites and applications.
ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the site visitors than any web server does, so you'll manage to monitor what's happening with your websites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes whether anyone is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall blocks the attempts right away, after that records in-depth info about them in its logs. ModSecurity is among the best software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.
-
ModSecurity in Website Hosting
ModSecurity is offered with each and every
website hosting plan which we provide and it is switched on by default for every domain or subdomain that you add via your Hepsia CP. In the event that it interferes with any of your programs or you would like to disable it for any reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You could also enable a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You could see comprehensive logs in the exact same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For maximum security of our customers we use a group of commercial firewall rules blended with custom ones which are added by our system administrators.
-
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity as a standard inside all
semi-dedicated hosting packages, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any Internet site with a mouse click. You will also be able to activate a passive detection mode in which ModSecurity will keep a log of potential attacks without actually preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules that we use is regularly updated as to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they find a threat that's not present in the commercial list yet.
-
ModSecurity in Dedicated Servers Hosting
ModSecurity is available as standard with all
dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. Just in case that a web application doesn't operate correctly, you could either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that could occur, but will not take any action to stop it. The logs created in active or passive mode will present you with more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, etc. This information shall permit you to determine what actions you can take to enhance the safety of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial pack from a third-party security enterprise we work with, but occasionally our staff include their own rules too if they discover a new potential threat.