ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to stop attacks toward script-driven sites through the use of security rules which contain certain expressions. This way, the firewall can stop hacking and spamming attempts and shield even sites that are not updated often. As an example, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the instant it identifies them. The firewall is quite efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore maintains an exceptionally thorough log of all attack attempts which contains more information than typical Apache logs, so you can later analyze the data and take additional measures to improve the security of your sites if required.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting
solutions, so your web applications shall be resistant to malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you will be able to stop it using the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall find inside Hepsia are very detailed and offer info about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so forth. We use a set of commercial rules which are frequently updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
plans that we offer include ModSecurity and because the firewall is enabled by default, any website you create under a domain or a subdomain shall be protected immediately. An individual section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any site or activate a detection mode. With the last option, ModSecurity will not take any action, but it shall still recognize possible attacks and will keep all data in a log as if it were completely active. The logs could be found inside the exact same section of the Control Panel and they include information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules which we use on our servers are a mix of commercial ones from a security firm and custom ones made by our system admins. For that reason, we provide higher security for your web applications as we can protect them from attacks even before security businesses release updates for completely new threats.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers
we offer and it'll be turned on automatically for every new domain or subdomain you add on the server. That way, any web app that you install will be protected right away without doing anything manually on your end. The firewall can be handled via the section of the Control Panel that bears the same name. This is the area in whichyou can switch off ModSecurity or activate its passive mode, so it will not take any action against threats, but will still maintain a thorough log. The recorded information is available within the same section as well and you'll be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we use on our servers are a combination between commercial ones which we obtain from a security firm and custom ones which are added by our admins to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the web server. Just in case that a web app doesn't operate properly, you could either turn off the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any potential attack that could take place, but won't take any action to stop it. The logs created in active or passive mode will provide you with more details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so forth. This info shall allow you to determine what measures you can take to increase the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial pack from a third-party security company we work with, but from time to time our administrators include their own rules too in the event that they identify a new potential threat.