ModSecurity
Find out how having ModSecurity enabled within your hosting account could help silently with your site security.
ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to prevent attacks against script-driven Internet sites by using security rules that contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and shield even Internet sites that aren't updated on a regular basis. For example, several failed login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the moment it detects them. The firewall is extremely efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any damage is done. It furthermore maintains a very detailed log of all attack attempts that contains more information than standard Apache logs, so you can later analyze the data and take additional measures to boost the security of your websites if required.
-
ModSecurity in Cloud Hosting
ModSecurity is offered with each and every
cloud hosting solution that we offer and it's switched on by default for every domain or subdomain which you add through your Hepsia CP. In case it interferes with any of your programs or you would like to disable it for some reason, you shall be able to do this through the ModSecurity area of Hepsia with merely a click. You may also use a passive mode, so the firewall will detect possible attacks and maintain a log, but won't take any action. You can see comprehensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum protection of our clients we use a set of commercial firewall rules blended with custom ones which are added by our system admins.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our
semi-dedicated hosting packages and if you decide to host your sites with us, there will not be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains that you add using your hosting Control Panel. If needed, you could disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall will still operate and record information, but shall not do anything to prevent potential attacks on your Internet sites. Detailed logs will be available within your CP and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We employ 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our admins occasionally include to respond to newly found risks in a timely manner.
-
ModSecurity in VPS Web Hosting
All
virtual private servers which are offered with the Hepsia Control Panel include ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the machine, so there won't be anything special which you'll need to do to protect your Internet sites. It shall take you a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You'll be able to see the logs created in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to take care of it, and so on. We employ a combination of commercial and custom rules in order to make certain that ModSecurity will prevent as many risks as possible, consequently enhancing the security of your web programs as much as possible.
-
ModSecurity in Dedicated Servers Hosting
When you choose to host your websites on a
dedicated server with the Hepsia Control Panel, your web applications will be secured right from the start since ModSecurity is supplied with all Hepsia-based packages. You will be able to control the firewall with ease and if needed, you shall be able to turn it off or activate its passive mode when it will only keep a log of what is going on without taking any action to prevent potential attacks. The logs which you can find inside the exact same section of the Control Panel are really detailed and include data about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This information shall permit you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins add every time they recognize attacks that haven't yet been included inside the commercial pack.