ModSecurity
Find out what ModSecurity is, how it functions and what exactly it does to protect your Internet sites and applications.
ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks against web applications. It keeps track of the HTTP traffic to a given site in real time and blocks any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for example, trying to log in to a script administration area unsuccessfully many times activates one rule, sending a request to execute a certain file that may result in accessing the site triggers another rule, and so on. ModSecurity is among the best firewalls available on the market and it will protect even scripts that aren't updated often as it can prevent attackers from using known exploits and security holes. Very detailed info about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the standard logs generated by the Apache server, so you may later analyze them and determine whether you need to take more measures in order to boost the safety of your script-driven sites.
-
ModSecurity in Hosting
ModSecurity can be found with each and every
hosting solution which we offer and it's turned on by default for any domain or subdomain which you include through your Hepsia CP. In case it disrupts any of your apps or you'd like to disable it for any reason, you shall be able to do that through the ModSecurity area of Hepsia with only a mouse click. You can also use a passive mode, so the firewall will identify potential attacks and keep a log, but shall not take any action. You'll be able to see comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum security of our clients we use a group of commercial firewall rules mixed with custom ones that are provided by our system admins.
-
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our
semi-dedicated server solutions and if you decide to host your Internet sites with our company, there will not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains you add via your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still work and record information, but will not do anything to prevent potential attacks on your websites. Comprehensive logs will be accessible in your Control Panel and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We employ 2 sorts of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom ones that our admins sometimes include to respond to newly identified risks on time.