Discover what ModSecurity is in fact, the way it works and just what it does to guard your websites and web apps.
ModSecurity is an effective firewall for Apache web servers that is used to prevent attacks toward web apps. It keeps track of the HTTP traffic to a given Internet site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - as an illustration, trying to log in to a script administrator area without success many times activates one rule, sending a request to execute a particular file that could result in getting access to the site triggers a different rule, etc. ModSecurity is amongst the best firewalls available and it'll preserve even scripts which are not updated on a regular basis because it can prevent attackers from using known exploits and security holes. Quite thorough data about every intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the standard logs created by the Apache server, so you could later analyze them and determine if you need to take extra measures in order to improve the safety of your script-driven sites.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting
packages which we offer and it shall be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites shall include comprehensive information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules we use are constantly updated and comprise of both commercial ones which we get from a third-party security firm and custom ones which our system administrators include in the event that they detect a new sort of attacks. In this way, the sites you host here will be way more protected with no action expected on your end.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity as a standard within all semi-dedicated hosting
packages, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to switch on or disable the firewall for any website with a mouse click. You shall also be able to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack caused, where it came from, etc. The list of rules we employ is regularly updated as to match any new threats which could appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our admins include in case they find a threat which is not present within the commercial list yet.
ModSecurity in Dedicated Hosting
All of our dedicated servers
that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app which you upload or set up shall be protected from the very beginning and you will not have to worry about common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will find in the logs can enable you to to secure your sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so on. With this information, you can see if a site needs an update, if you ought to block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well whenever they come across a new threat that is not yet included in the commercial bundle.