ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks towards script-driven websites by using security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even websites which are not updated frequently. For example, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the minute it detects them. The firewall is extremely efficient since it screens the whole HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It furthermore keeps a very thorough log of all attack attempts that features more info than typical Apache logs, so you could later analyze the data and take extra measures to boost the security of your Internet sites if needed.
ModSecurity in Hosting
ModSecurity is available with every single hosting plan which we provide and it is activated by default for any domain or subdomain that you add via your Hepsia CP. In the event that it disrupts any of your apps or you would like to disable it for whatever reason, you'll be able to do this through the ModSecurity section of Hepsia with only a mouse click. You could also use a passive mode, so the firewall will discover possible attacks and keep a log, but will not take any action. You could see comprehensive logs in the same section, including the IP address where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, etc. For max protection of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages that we offer include ModSecurity and since the firewall is switched on by default, any site that you set up under a domain or a subdomain will be protected right from the start. A separate section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to stop and start the firewall for any website or switch on a detection mode. With the last option, ModSecurity won't take any action, but it shall still recognize possible attacks and will keep all info inside a log as if it were 100% active. The logs could be found inside the very same section of the CP and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules that we employ on our servers are a mix of commercial ones from a security company and custom ones made by our system admins. Consequently, we offer higher security for your web applications as we can protect them from attacks before security businesses release updates for brand new threats.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web apps will be secured from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a click through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll maintain a detailed log of any potential attacks without taking any action to stop them. The logs can be found in the same section and provide information about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we use not simply commercial rules from a firm operating in the field of web security, but also custom ones our administrators include manually in order to respond to new threats that are still not tackled in the commercial rules.
ModSecurity in Dedicated Web Hosting
All of our dedicated servers that are set up with the Hepsia hosting CP come with ModSecurity, so any program you upload or install shall be secured from the very beginning and you won't have to bother about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you'll discover in the logs can easily allow you to to secure your websites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you'll be able to see whether a website needs an update, if you should block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones too when they discover a new threat that is not yet a part of the commercial bundle.