ModSecurity
Find out what ModSecurity is, how it functions and just what it does to protect your Internet sites and applications.
ModSecurity is an effective firewall for Apache web servers that's employed to stop attacks against web applications. It monitors the HTTP traffic to a given website in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to do that - for example, trying to log in to a script administrator area without success many times activates one rule, sending a request to execute a certain file that could result in accessing the website triggers a different rule, and so on. ModSecurity is among the best firewalls available and it will preserve even scripts which are not updated often because it can prevent attackers from using known exploits and security holes. Quite comprehensive data about every intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the conventional logs created by the Apache server, so you can later examine them and decide whether you need to take additional measures in order to improve the security of your script-driven sites.
-
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all
cloud website hosting solutions, so your Internet apps will be protected against malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you will be able to stop it through the respective section of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you shall find inside Hepsia are quite detailed and feature data about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules which are regularly updated, but sometimes our admins include custom rules as well in order to efficiently protect the websites hosted on our servers.
-
ModSecurity in Semi-dedicated Servers
All
semi-dedicated server packages that we offer feature ModSecurity and given that the firewall is enabled by default, any website that you set up under a domain or a subdomain will be protected straight away. An individual section in the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any site or enable a detection mode. With the latter, ModSecurity will not take any action, but it shall still recognize possible attacks and shall keep all data in a log as if it were completely active. The logs could be found within the very same section of the CP and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules that we use on our servers are a mix of commercial ones from a security business and custom ones made by our system admins. Therefore, we provide greater security for your web applications as we can defend them from attacks even before security firms release updates for new threats.
-
ModSecurity in VPS Servers
All
VPS servers that are provided with the Hepsia CP feature ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there shall not be anything special which you'll need to do to protect your sites. It'll take you a click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to view the logs produced in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to tackle it, and so forth. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity shall stop as many risks as possible, thus increasing the security of your web apps as much as possible.
-
ModSecurity in Dedicated Servers
When you decide to host your websites on a
dedicated server with the Hepsia CP, your web applications shall be secured right from the start since ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall effortlessly and if required, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what is occurring without taking any action to prevent potential attacks. The logs which you'll find inside the exact same section of the Control Panel are quite detailed and contain info about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so forth. This info will enable you to take measures and increase the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our admins add every time they recognize attacks which have not yet been included inside the commercial pack.
