Learn what ModSecurity is really, how it works and what exactly it can do to guard your sites and web apps.
ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the site visitors than any web server does, so you'll manage to keep an eye on what's happening with your websites better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it detects whether anyone is trying to log in to the admin area of a given script several times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall blocks the attempts in real time, and then records detailed information about them in its logs. ModSecurity is amongst the very best software firewalls on the market and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Cloud Hosting
ModSecurity is offered with each cloud hosting
solution which we offer and it is switched on by default for every domain or subdomain that you add through your Hepsia CP. If it interferes with any of your apps or you would like to disable it for whatever reason, you shall be able to do that through the ModSecurity section of Hepsia with simply a mouse click. You could also enable a passive mode, so the firewall will recognize potential attacks and maintain a log, but will not take any action. You could view extensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum safety of our customers we use a collection of commercial firewall rules blended with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
We've incorporated ModSecurity as a standard within all semi-dedicated server
plans, so your web applications will be protected whenever you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to activate or disable the firewall for any website with a mouse click. You will also have the ability to switch on a passive detection mode with which ModSecurity shall keep a log of possible attacks without really stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so on. The list of rules which we use is frequently updated as to match any new risks which might appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones which our administrators add in case they find a threat that's not present within the commercial list yet.
ModSecurity in VPS Servers
Safety is essential to us, so we set up ModSecurity on all VPS servers
which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't have to do anything by hand. You shall also be able to disable it or turn on the so-called detection mode, so it shall maintain a log of potential attacks which you can later study, but won't block them. The logs in both passive and active modes contain info about the form of the attack and how it was eliminated, what IP it originated from and other important data which might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security company, we also implement our own rules because every now and then we identify specific attacks which aren't yet present within the commercial pack. This way, we can easily improve the protection of your Virtual private server promptly rather than waiting for a certified update.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers
which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it because it is switched on by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with some of your programs, you'll be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it shall recognize attacks and shall still maintain a log for them, but shall not block them. You could look at the logs later to learn what you can do to improve the safety of your websites as you'll find details such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, therefore they are frequently updated by a security firm, but to be on the safe side, our staff also add custom rules occasionally as to deal with any new threats they have identified.