ModSecurity
Learn how having ModSecurity activated within your web hosting account will help silently with your web site protection.
ModSecurity is an effective firewall for Apache web servers that's used to stop attacks toward web applications. It keeps track of the HTTP traffic to a specific site in real time and prevents any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do that - for instance, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a specific file that may result in getting access to the site triggers another rule, and so forth. ModSecurity is among the best firewalls out there and it'll secure even scripts that are not updated frequently as it can prevent attackers from employing known exploits and security holes. Quite thorough data about each intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the standard logs provided by the Apache server, so you can later examine them and determine if you need to take extra measures in order to increase the protection of your script-driven Internet sites.
-
ModSecurity in Semi-dedicated Servers
All
semi-dedicated server packages that we offer come with ModSecurity and given that the firewall is turned on by default, any Internet site which you build under a domain or a subdomain will be protected immediately. An independent section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it will still recognize possible attacks and will keep all info in a log as if it were 100% active. The logs can be found inside the same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules that we employ on our web servers are a mix of commercial ones from a security business and custom ones developed by our system admins. Therefore, we provide higher security for your web applications as we can defend them from attacks even before security firms release updates for brand new threats.
-
ModSecurity in VPS Servers
Protection is essential to us, so we install ModSecurity on all
VPS servers that are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not need to do anything manually. You shall also be able to disable it or activate the so-called detection mode, so it shall maintain a log of possible attacks you can later analyze, but will not block them. The logs in both passive and active modes contain details regarding the type of the attack and how it was eliminated, what IP address it originated from and other important info that could help you to tighten the security of your sites by updating them or blocking IPs, for example. On top of the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules since once in a while we identify specific attacks which aren't yet present within the commercial package. That way, we can increase the protection of your Virtual private server right away as opposed to awaiting an official update.
-
ModSecurity in Dedicated Servers
When you opt to host your websites on a
dedicated server with the Hepsia Control Panel, your web applications shall be protected right from the start because ModSecurity is available with all Hepsia-based plans. You'll be able to control the firewall with ease and if necessary, you'll be able to turn it off or activate its passive mode when it'll only maintain a log of what is taking place without taking any action to stop potential attacks. The logs which you can find inside the same section of the CP are incredibly detailed and feature info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so forth. This info will permit you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include every time they recognize attacks that have not yet been included in the commercial pack.
