ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks toward script-driven Internet sites by employing security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and preserve even sites which aren't updated frequently. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the moment it discovers them. The firewall is incredibly efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any harm is done. It additionally keeps an incredibly detailed log of all attack attempts which features more info than traditional Apache logs, so you can later examine the data and take further measures to enhance the security of your Internet sites if required.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting solutions, so your web apps will be resistant to malicious attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you will be able to stop it using the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you will find in Hepsia are very detailed and offer information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etc. We use a group of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well so as to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting packages and if you decide to host your websites with us, there shall not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains that you add through your hosting Control Panel. If needed, you can disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall will still operate and record data, but shall not do anything to stop potential attacks on your Internet sites. Thorough logs shall be available in your CP and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etc. We employ 2 kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones which our administrators occasionally include to respond to newly identified risks on time.
ModSecurity in VPS
ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it shall be switched on automatically for every new domain or subdomain you include on the web server. In this way, any web application that you install shall be protected from the very beginning without doing anything personally on your end. The firewall could be managed via the section of the CP that has the same name. This is the place in whichyou could switch off ModSecurity or let its passive mode, so it shall not take any action against threats, but will still maintain a thorough log. The recorded info is available in the same section as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we use on our servers are a blend between commercial ones that we get from a security organization and custom ones which are included by our admins to maximize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you will not have to do anything specific on your end to employ it since it's activated by default every time you include a new domain or subdomain on your web server. If it interferes with some of your applications, you'll be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it'll recognize attacks and will still maintain a log for them, but shall not stop them. You could analyze the logs later to learn what you can do to improve the safety of your websites since you shall find information such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules that we employ are commercial, thus they're regularly updated by a security company, but to be on the safe side, our staff also add custom rules from time to time as to respond to any new threats they have found.