ModSecurity
Discover what ModSecurity is, how it works and precisely what it does to protect your web sites and applications.
ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and when it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the website visitors than any web server does, so you shall manage to keep track of what's going on with your sites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it detects whether somebody is trying to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall program blocks the attempts right away, and then records comprehensive details about them within its logs. ModSecurity is one of the best software firewalls out there and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
-
ModSecurity in Cloud Hosting
We offer ModSecurity with all
cloud hosting packages, so your Internet apps shall be protected against malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll find within Hepsia are very detailed and include data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are regularly updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.
-
ModSecurity in Semi-dedicated Servers
Any web application which you set up within your new
semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area within Hepsia where not simply could you activate or deactivate it fully, but you may also activate a passive mode, so the firewall shall not stop anything, but it will still keep an archive of potential attacks. This requires simply a mouse click and you shall be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etcetera. The firewall uses 2 groups of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually in order to respond to recently discovered risks immediately.
-
ModSecurity in VPS Servers
All
VPS servers that are set up with the Hepsia CP include ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the web server, so there will not be anything special which you'll have to do to protect your websites. It shall take you a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You shall be able to see the logs generated in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall used to take care of it, etc. We employ a mix of commercial and custom rules so as to make certain that ModSecurity shall stop as many risks as possible, thus boosting the protection of your web applications as much as possible.
-
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all
dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the hosting server. In case that a web application does not work adequately, you may either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that could occur, but shall not take any action to prevent it. The logs created in active or passive mode will present you with additional details about the exact file which was attacked, the form of the attack and the IP it came from, etcetera. This info will allow you to determine what measures you can take to increase the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security firm we work with, but sometimes our staff include their own rules as well if they find a new potential threat.