Learn what ModSecurity is, how it works and what exactly it does so as to protect your Internet sites and applications.
ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it identifies an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the traffic than any web server does, so you'll be able to keep track of what's going on with your Internet sites a lot better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies if somebody is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the firewall program hinders the attempts immediately, and then records in-depth information about them in its logs. ModSecurity is amongst the most effective software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting
packages, so your Internet applications will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are extremely detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, and so forth. We use a range of commercial rules which are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting
plans and if you opt to host your Internet sites with our company, there won't be anything special you will have to do as the firewall is turned on by default for all domains and subdomains which you include via your hosting Control Panel. If required, you'll be able to disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall shall still work and record info, but will not do anything to stop possible attacks on your websites. Comprehensive logs shall be readily available inside your CP and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We employ 2 types of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our administrators sometimes include to respond to newly found threats on time.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers
that are set up with the Hepsia hosting CP include ModSecurity, so any application you upload or install will be protected from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll see in the logs can help you to secure your sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this info, you could see whether a site needs an update, if you should block IPs from accessing your web server, etcetera. In addition to the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well whenever they find a new threat that is not yet in the commercial bundle.