ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to prevent attacks against script-driven sites through the use of security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and protect even websites which aren't updated on a regular basis. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger particular rules, so ModSecurity will block out these activities the moment it identifies them. The firewall is extremely efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore keeps an incredibly detailed log of all attack attempts which includes more info than typical Apache logs, so you could later check out the data and take further measures to boost the security of your Internet sites if needed.
ModSecurity in Hosting
ModSecurity comes by default with all hosting plans that we offer and it'll be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to stop them. The log for any of your websites shall feature comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are regularly updated and comprise of both commercial ones which we get from a third-party security business and custom ones which our system admins include in case that they detect a new kind of attacks. That way, the websites that you host here shall be much more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity by default in all semi-dedicated server packages, so your web apps shall be protected whenever you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will permit you to switch on or disable the firewall for any website with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity shall maintain a log of potential attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules that we use is frequently updated in order to match any new threats that could appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our administrators include in case they find a threat that's not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web apps shall be secured from the second your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to deactivate it with a click of your mouse via the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found in the exact same section and provide details about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a firm working in the field of web security, but also custom ones that our administrators include manually so as to respond to new risks that are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any application which you upload or install will be protected from the very beginning and you won't need to stress about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll discover in the logs can allow you to to secure your Internet sites better - the IP an attack came from, what site was attacked and how, what ModSecurity rule was triggered, and so on. With this information, you can see if a site needs an update, whether you ought to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones as well every time they come across a new threat that's not yet included in the commercial bundle.