Learn what ModSecurity is, how it works and what actually it does to shield your sites and apps.
ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the website visitors than any web server does, so you will be able to keep track of what's going on with your sites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes if somebody is attempting to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, and then records detailed info about them within its logs. ModSecurity is among the best software firewalls available and it can protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Website Hosting
ModSecurity comes standard with all website hosting
solutions that we provide and it shall be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with just a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for any of your Internet sites shall feature in-depth information including the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are constantly updated and consist of both commercial ones we get from a third-party security firm and custom ones which our system admins include in case that they detect a new sort of attacks. In this way, the sites you host here will be much more protected with no action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server
solutions and if you decide to host your Internet sites with our company, there shall not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains you include via your hosting CP. If necessary, you'll be able to disable ModSecurity for a certain Internet site or activate the so-called detection mode in which case the firewall will still operate and record data, but will not do anything to prevent potential attacks on your websites. Comprehensive logs shall be readily available in your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We employ two types of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our administrators occasionally include to respond to newly found risks on time.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are provided with the Hepsia hosting CP, so your web programs shall be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a click through the corresponding section of Hepsia. You may also set it to operate in detection mode, so it will keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the exact same section and provide information about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For optimum security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones that our admins include manually so as to respond to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
When you choose to host your sites on a dedicated server
with the Hepsia CP, your web applications shall be secured right away since ModSecurity is supplied with all Hepsia-based packages. You'll be able to control the firewall without difficulty and if needed, you'll be able to turn it off or enable its passive mode when it will only keep a log of what's happening without taking any action to stop possible attacks. The logs that you will find within the exact same section of the Control Panel are really detailed and contain data about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etc. This information shall permit you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff add whenever they identify attacks which haven't yet been included within the commercial pack.