Introducing the FastComet ModSecurity cPanel Feature

Since the beginning, our Security Specialists are developing a universal solution for defending our clients’ websites from malicious attacks targeting known vulnerabilities in the most used open-source applications. Every month the major security monitors are reporting tons of vulnerabilities mostly in the commonly used WordPress plugins and/or Joomla components and every month our FastComet Security Team is implementing new rule sets in our WAF (Web Application Firewall) in order to get these vulnerabilities covered and to provide our customers with outstanding security layer.

How does our WAF actually protect your website?

Well, using some mojo called Web Requests Filtering. Every time someone (a user typically) access your website he or she is performing a request to a resource hosted on your account with us. Our WAF is checking that request initially and after the request is verified the same is allowed to reach the server.

When the request reaches the server it is handled by some service – usually the web service and furthermore the PHP service. The result from that process is then sent back to the user but before the result is released from the server our WAF checks it again for any malicious code. If it contains any malicious code then the result is terminated and the user is unable to see it as the server sends an error page as a result.

You probably wonder how come that some error message from the server is better for the users than your actual website? – The answer is pretty straightforward – if your website contains some malicious elements it gets penalized by Google resulting in a dramatic drop in the site rank in a normal Google search. Imagine what this can cause to your Business.

So basically we got you covered in every possible way so even if your website gets hacked it will not be displayed to your users as you cannot afford to loose any of them.

What changes we have implemented and how you will be able to benefit from those?

Until now the WAF was Active by default for all our Shared Hosting Packages – Single Website Package, Multiple Websites Package and our E-Commerce Package with no option for the firewall to be disabled natively using the cPanel service.

From this point on that protection can be fully managed via the newly implemented security Feature in the cPanel service called “ModSecurity” which most probably some of our customers might have already noticed.

You are probably wondering why in the world you will need to disable that feature and to lift off the protection from your account.

Many of the custom installed components such as plugins, modules, themes and so on are a product of third party developers which are not familiar with our WAF. In some cases, the installation procedures of these components will result in an error message from our WAF due to the fact that the components are triggering some security rule. In that particular case, our customers can disable ModSecurity for a brief period of time – until the installation/update/deletion lasts and then to enable it again.

To be even more beneficial that feature allows the customers to enable/disable the feature only for concrete domain or subdomain so for example if you are trying to install some plugin which is resulting in an error from our WAF on a subdomain you can simply disable ModSecurity for that subdomain in particular. This allows for your entire account to remain under the protection except for the subdomain you are currently using.

The same goes for every other domain or subdomain you have configured in your cPanel service.

Let’s see how the feature actually looks like and what options it provides

Right, when you access the ModSecurity feature you will probably notice that it is already enabled for your account.

By default, every account on our Shared Hosting environment will have that feature enabled for all of the domains/subdomains included in the account. If you would like to disable ModSecurity for all of your domains/subdomains simply use the “Disable” button.

Then you will be presented with a simple list containing all of your domains and subdomains. The items are sorted on pages and also you will be able to search for particular domain or subdomain with the implemented search feature.

In order to enable or disable the WAF for particular domain or subdomain, you will need to simply click on the “On” button for enabling and the “Off” button for disabling. The current state of the service for particular domain or subdomain will be colored in dark blue color so you can be completely sure if it is enabled or disabled before performing any change.

Christopher

Christopher has many years of experience leading teams in the fields of Technical support, Server Administration, and Product Development. He mainly works on the backend, helping to create the infrastructure that powers FastComet. He is responsible for flawless migrations and quick and efficient answers to client questions. He also monitors our network status and jumps in to solve time-sensitive issues like DDoS attacks and stops malicious attempts in their tracks. Christopher’s primarily responsible for making sure that our servers purr along, and has worked tirelessly to improve automation at FastComet.