ModSecurity
Learn what ModSecurity is, the way it works and just what exactly it does to protect your sites and web applications.
ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks toward script-driven sites by using security rules which contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even Internet sites that are not updated regularly. For instance, multiple unsuccessful login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity will block these activities the moment it identifies them. The firewall is extremely efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore keeps a very comprehensive log of all attack attempts that features more info than typical Apache logs, so you can later analyze the data and take further measures to increase the security of your sites if needed.
-
ModSecurity in Website Hosting
We offer ModSecurity with all
website hosting packages, so your web applications shall be protected against destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will find inside Hepsia are quite detailed and offer information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so forth. We use a set of commercial rules which are often updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our servers.
-
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all
virtual private servers that are provided with the Hepsia hosting Control Panel, so your web applications shall be protected from the second your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a mouse click through the corresponding section of Hepsia. You may also set it to work in detection mode, so it will keep an extensive log of any possible attacks without taking any action to prevent them. The logs can be found within the very same section and provide information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For maximum security, we use not just commercial rules from a business working in the field of web security, but also custom ones which our admins include personally in order to react to new risks that are still not dealt with in the commercial rules.
-
ModSecurity in Dedicated Web Hosting
ModSecurity is included with all
dedicated servers which are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it as it's turned on by default every time you add a new domain or subdomain on your hosting server. In the event that it disrupts any of your apps, you will be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it shall recognize attacks and will still maintain a log for them, but won't prevent them. You could analyze the logs later to determine what you can do to improve the security of your websites as you shall find info such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity responded, etcetera. The rules we use are commercial, thus they are regularly updated by a security provider, but to be on the safe side, our administrators also add custom rules from time to time in order to react to any new threats they have found.
