Learn how having ModSecurity allowed in your hosting account could help silently with your web site security.
ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks against script-driven sites through the use of security rules which contain certain expressions. That way, the firewall can block hacking and spamming attempts and preserve even Internet sites that aren't updated often. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity will block these activities the minute it discovers them. The firewall is quite efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It also keeps an incredibly thorough log of all attack attempts that contains more info than traditional Apache logs, so you can later examine the data and take further measures to enhance the security of your sites if required.
ModSecurity in Shared Web Hosting
ModSecurity is supplied with all shared web hosting
machines, so when you choose to host your websites with our organization, they'll be resistant to an array of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you will need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You will be able to view specific logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the protection of our customers' sites very seriously, we use a group of commercial rules which we take from one of the top companies which maintain this sort of rules. Our admins also include custom rules to make sure that your Internet sites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting
packages which we offer include ModSecurity and since the firewall is turned on by default, any website which you set up under a domain or a subdomain will be protected immediately. An independent section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still detect possible attacks and will keep all info inside a log as if it were fully active. The logs could be found within the very same section of the CP and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we use on our machines are a mix between commercial ones from a security business and custom ones created by our system administrators. For that reason, we offer increased security for your web apps as we can defend them from attacks before security corporations release updates for new threats.
ModSecurity in VPS Hosting
Protection is essential to us, so we install ModSecurity on all virtual private servers
that are provided with the Hepsia CP as a standard. The firewall could be managed via a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything by hand. You'll also be able to deactivate it or activate the so-called detection mode, so it'll maintain a log of potential attacks that you can later analyze, but shall not block them. The logs in both passive and active modes include info about the kind of the attack and how it was prevented, what IP address it came from and other useful data which may help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules as once in a while we identify specific attacks which are not yet present inside the commercial package. This way, we can increase the security of your Virtual private server instantly instead of waiting for a certified update.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided as standard with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. Just in case that a web application doesn't work adequately, you can either switch off the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any possible attack that could occur, but will not take any action to stop it. The logs generated in active or passive mode shall present you with additional details about the exact file that was attacked, the type of the attack and the IP it originated from, etcetera. This information will allow you to determine what steps you can take to increase the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial pack from a third-party security company we work with, but oftentimes our staff add their own rules too when they identify a new potential threat.