ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to stop attacks towards script-driven websites through the use of security rules that contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and protect even websites that aren't updated regularly. For instance, multiple failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block these activities the instant it detects them. The firewall is incredibly efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore maintains an exceptionally thorough log of all attack attempts that features more info than conventional Apache logs, so you can later analyze the data and take extra measures to increase the security of your sites if necessary.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting solutions, so your web applications shall be resistant to destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you will find within Hepsia are very detailed and include info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules that are often updated, but sometimes our administrators include custom rules as well so as to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
Any web application you set up within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall won't stop anything, but it shall still keep a record of possible attacks. This takes simply a mouse click and you'll be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall employs two groups of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one which our administrators update personally as to respond to recently discovered risks as quickly as possible.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web apps will be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you could disable it with a click of your mouse via the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll maintain an extensive log of any potential attacks without taking any action to prevent them. The logs are available inside the same section and provide information about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not only commercial rules from a business operating in the field of web security, but also custom ones that our admins add manually in order to respond to new threats which are still not addressed in the commercial rules.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to use it because it's turned on by default every time you add a new domain or subdomain on your web server. If it disrupts some of your applications, you will be able to stop it through the respective section of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and will still keep a log for them, but will not prevent them. You may look at the logs later to determine what you can do to improve the protection of your Internet sites as you'll find info such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity responded, etc. The rules we employ are commercial, hence they're frequently updated by a security firm, but to be on the safe side, our staff also include custom rules once in a while as to react to any new threats they have discovered.