Find out what ModSecurity is really, the way it works and just what it can do to protect your web sites and applications.
ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to stop attacks towards script-driven sites through the use of security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites that are not updated frequently. For example, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the moment it identifies them. The firewall is very efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore maintains an exceptionally comprehensive log of all attack attempts that includes more information than standard Apache logs, so you could later examine the data and take further measures to boost the security of your websites if required.
ModSecurity in Web Hosting
ModSecurity is supplied with all web hosting
web servers, so if you choose to host your Internet sites with our business, they will be resistant to a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You will be able to stop ModSecurity for any Internet site if needed, or to enable a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view specific logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the security of our customers' sites seriously, we use a group of commercial rules that we take from one of the leading firms that maintain this sort of rules. Our admins also include custom rules to make certain that your websites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
solutions and if you decide to host your sites with our company, there won't be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you add through your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a given website or switch on the so-called detection mode in which case the firewall will still work and record info, but will not do anything to prevent potential attacks against your websites. Comprehensive logs shall be available inside your Control Panel and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We use two types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones which our administrators often add to respond to newly found risks promptly.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers
that are set up with our Hepsia CP and you won't need to do anything specific on your end to use it since it's enabled by default each time you add a new domain or subdomain on your server. If it disrupts some of your apps, you will be able to stop it through the respective area of Hepsia, or you can leave it operating in passive mode, so it shall recognize attacks and will still keep a log for them, but will not block them. You could analyze the logs later to determine what you can do to improve the protection of your websites as you will find details such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, and so forth. The rules that we employ are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our admins also include custom rules occasionally as to react to any new threats they have identified.