Learn what ModSecurity actually is, the way it works and just what exactly it can do to guard your web sites and apps.
ModSecurity is a highly effective firewall for Apache web servers that is used to prevent attacks against web apps. It monitors the HTTP traffic to a certain site in real time and stops any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do this - for example, attempting to log in to a script administration area unsuccessfully a few times activates one rule, sending a request to execute a certain file which could result in accessing the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls available and it'll secure even scripts which are not updated frequently since it can prevent attackers from employing known exploits and security holes. Quite detailed data about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the regular logs provided by the Apache server, so you may later examine them and decide if you need to take more measures so as to boost the security of your script-driven sites.
ModSecurity in Cloud Website Hosting
ModSecurity is offered with every single cloud website hosting
package which we offer and it's activated by default for any domain or subdomain which you include through your Hepsia Control Panel. If it disrupts any of your apps or you'd like to disable it for some reason, you will be able to do that through the ModSecurity section of Hepsia with simply a click. You could also enable a passive mode, so the firewall will identify potential attacks and keep a log, but shall not take any action. You could view extensive logs in the exact same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum security of our clients we use a set of commercial firewall rules blended with custom ones that are added by our system administrators.
ModSecurity in Dedicated Hosting
When you decide to host your websites on a dedicated server
with the Hepsia Control Panel, your web apps will be secured immediately as ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall effortlessly and if necessary, you'll be able to turn it off or activate its passive mode when it shall only maintain a log of what's going on without taking any action to prevent possible attacks. The logs that you will find within the same section of the Control Panel are quite detailed and feature details about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This data shall allow you to take measures and improve the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include every time they detect attacks which haven't yet been included in the commercial pack.