ModSecurity
Discover how having ModSecurity enabled in your website hosting account will help silently with your web site security.
ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to prevent attacks towards script-driven Internet sites by employing security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and preserve even Internet sites that are not updated often. As an example, several unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore keeps an incredibly thorough log of all attack attempts that includes more information than traditional Apache logs, so you can later check out the data and take further measures to increase the security of your Internet sites if necessary.
-
ModSecurity in Cloud Hosting
We provide ModSecurity with all
cloud hosting packages, so your web apps will be resistant to malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll find in Hepsia are incredibly detailed and offer information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so forth. We use a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our servers.
-
ModSecurity in Semi-dedicated Servers
All
semi-dedicated server plans which we offer come with ModSecurity and given that the firewall is turned on by default, any site that you create under a domain or a subdomain shall be protected straight away. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all data in a log as if it were fully active. The logs could be found inside the exact same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we employ on our servers are a mix between commercial ones from a security business and custom ones created by our system admins. As a result, we provide higher security for your web applications as we can protect them from attacks even before security companies release updates for brand new threats.
-
ModSecurity in VPS Servers
All
VPS servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the web server, so there will not be anything special that you will have to do to protect your websites. It shall take you a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any measures to prevent intrusions. You'll be able to view the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to deal with it, etcetera. We use a mix of commercial and custom rules so as to make certain that ModSecurity will block as many threats as possible, thus boosting the protection of your web apps as much as possible.
-
ModSecurity in Dedicated Servers
When you opt to host your websites on a
dedicated server with the Hepsia CP, your web apps will be protected immediately as ModSecurity is provided with all Hepsia-based plans. You will be able to control the firewall without difficulty and if required, you'll be able to turn it off or switch on its passive mode when it will only keep a log of what's going on without taking any action to prevent possible attacks. The logs that you'll find in the exact same section of the Control Panel are quite detailed and contain details about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This data will permit you to take measures and improve the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include when they detect attacks that have not yet been included inside the commercial pack.