ModSecurity
Discover how having ModSecurity enabled inside your website hosting account could help silently with your web site security.
ModSecurity is an efficient firewall for Apache web servers that is used to prevent attacks towards web apps. It monitors the HTTP traffic to a certain Internet site in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do this - for example, attempting to log in to a script administration area unsuccessfully several times triggers one rule, sending a request to execute a particular file which may result in gaining access to the Internet site triggers a different rule, and so on. ModSecurity is among the best firewalls on the market and it will preserve even scripts that aren't updated regularly since it can prevent attackers from using known exploits and security holes. Quite thorough data about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the regular logs provided by the Apache server, so you could later examine them and decide if you need to take additional measures in order to improve the safety of your script-driven sites.
-
ModSecurity in Shared Website Hosting
ModSecurity comes standard with all
shared website hosting plans which we supply and it will be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and disable it with simply a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your websites will feature elaborate info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and consist of both commercial ones which we get from a third-party security firm and custom ones that our system administrators include in the event that they detect a new type of attacks. In this way, the sites that you host here shall be a lot more secure with no action expected on your end.
-
ModSecurity in Semi-dedicated Servers
All
semi-dedicated server solutions which we offer feature ModSecurity and because the firewall is switched on by default, any Internet site which you set up under a domain or a subdomain will be secured right from the start. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it'll still detect possible attacks and shall keep all information inside a log as if it were fully active. The logs could be found in the exact same section of the Control Panel and they include info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we employ on our web servers are a mix of commercial ones from a security business and custom ones developed by our system administrators. Therefore, we offer higher security for your web apps as we can protect them from attacks before security corporations release updates for new threats.
-
ModSecurity in VPS Servers
All
VPS servers that are set up with the Hepsia Control Panel feature ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there shall not be anything special which you'll need to do to protect your websites. It will take you simply a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You'll be able to see the logs generated in active or passive mode from the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to take care of it, and so on. We employ a mix of commercial and custom rules in order to make sure that ModSecurity will block as many risks as possible, thus enhancing the protection of your web programs as much as possible.
-
ModSecurity in Dedicated Servers
When you decide to host your sites on a
dedicated server with the Hepsia Control Panel, your web apps shall be protected right from the start because ModSecurity is supplied with all Hepsia-based packages. You will be able to manage the firewall without difficulty and if needed, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's taking place without taking any action to stop possible attacks. The logs which you will find inside the same section of the Control Panel are incredibly detailed and feature data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This data shall allow you to take measures and boost the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins include when they recognize attacks which haven't yet been included in the commercial pack.