Find out what ModSecurity is, how it works and what exactly it does so as to protect your Internet sites and apps.
ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks towards web apps. It tracks the HTTP traffic to a particular website in real time and stops any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a certain file that could result in gaining access to the website triggers a different rule, etc. ModSecurity is amongst the best firewalls around and it'll secure even scripts that are not updated often because it can prevent attackers from employing known exploits and security holes. Quite detailed data about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs generated by the Apache server, so you could later analyze them and determine if you need to take more measures in order to increase the security of your script-driven websites.
ModSecurity in Cloud Web Hosting
ModSecurity comes standard with all cloud web hosting
solutions that we provide and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites shall include comprehensive information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and consist of both commercial ones which we get from a third-party security business and custom ones which our system admins add in the event that they detect a new sort of attacks. That way, the Internet sites that you host here will be much more secure without any action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
solutions and if you decide to host your Internet sites with our company, there won't be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you include via your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular site or turn on the so-called detection mode in which case the firewall will still operate and record info, but will not do anything to stop possible attacks against your websites. Detailed logs shall be readily available in your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We use two types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our administrators often add to respond to newly discovered threats in a timely manner.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
that are offered with the Hepsia hosting CP, so your web apps shall be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a click via the corresponding section of Hepsia. You may also set it to work in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to stop them. The logs can be found inside the same section and include details about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For maximum security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones that our admins add manually in order to respond to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers
that are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to use it because it is activated by default each time you add a new domain or subdomain on your hosting server. If it interferes with some of your programs, you will be able to stop it via the respective section of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and will still keep a log for them, but shall not prevent them. You may look at the logs later to learn what you can do to enhance the protection of your websites as you'll find details such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, and so on. The rules which we employ are commercial, therefore they are constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules occasionally in order to react to any new threats they have found.