ModSecurity
Learn what ModSecurity is, how it works and precisely what it does in order to protect your web sites and apps.
ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the traffic than any web server does, so you'll manage to keep track of what is going on with your websites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it detects if someone is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall program hinders the attempts instantly, and then records comprehensive details about them in its logs. ModSecurity is amongst the best software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.
-
ModSecurity in Website Hosting
ModSecurity is available with every
website hosting package which we provide and it's turned on by default for any domain or subdomain which you include through your Hepsia Control Panel. If it interferes with any of your apps or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with just a click. You may also activate a passive mode, so the firewall will discover potential attacks and keep a log, but will not take any action. You can view detailed logs in the exact same section, including the IP where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For maximum safety of our clients we use a set of commercial firewall rules blended with custom ones which are included by our system admins.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting packages and if you decide to host your Internet sites with us, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains which you include through your hosting CP. If needed, you could disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall will still function and record info, but will not do anything to stop potential attacks against your websites. In depth logs shall be readily available in your Control Panel and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We use 2 types of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones which our admins occasionally add to respond to newly found threats on time.
-
ModSecurity in Dedicated Servers Hosting
All our
dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any program which you upload or install shall be protected from the very beginning and you will not need to stress about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall discover in the logs shall enable you to to secure your Internet sites better - the IP address an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this information, you could see whether a website needs an update, whether you need to block IPs from accessing your web server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well whenever they discover a new threat which is not yet included in the commercial bundle.