ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks toward script-driven sites through the use of security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and shield even Internet sites that aren't updated often. As an example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the second it discovers them. The firewall is extremely efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore maintains a very thorough log of all attack attempts that contains more info than standard Apache logs, so you could later analyze the data and take additional measures to boost the security of your Internet sites if required.
ModSecurity in Website Hosting
ModSecurity can be found with each website hosting solution which we provide and it's turned on by default for every domain or subdomain that you include via your Hepsia CP. In the event that it disrupts any of your programs or you would like to disable it for any reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with only a mouse click. You may also enable a passive mode, so the firewall will detect potential attacks and maintain a log, but will not take any action. You can view detailed logs in the same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For maximum safety of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web application that you install in your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section in Hepsia where not simply can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall will not block anything, but it'll still keep a record of possible attacks. This takes just a click and you shall be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our admins update personally in order to respond to newly discovered threats immediately.
ModSecurity in VPS Hosting
Safety is of the utmost importance to us, so we set up ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section within Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You'll also be able to deactivate it or activate the so-called detection mode, so it will maintain a log of potential attacks you can later examine, but will not prevent them. The logs in both passive and active modes contain info about the form of the attack and how it was stopped, what IP address it originated from and other valuable data that may help you to tighten the security of your sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules as from time to time we identify specific attacks that aren't yet present inside the commercial package. This way, we could increase the protection of your Virtual private server immediately instead of awaiting a certified update.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it since it's switched on by default whenever you add a new domain or subdomain on your web server. In case it interferes with some of your apps, you will be able to stop it through the respective part of Hepsia, or you can leave it working in passive mode, so it shall detect attacks and will still keep a log for them, but won't block them. You may look at the logs later to determine what you can do to improve the safety of your Internet sites since you will find details such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity reacted, etc. The rules that we employ are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our administrators also include custom rules every now and then as to react to any new threats they have discovered.