ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is employed to stop attacks toward script-driven Internet sites by using security rules which contain specific expressions. This way, the firewall can block hacking and spamming attempts and shield even websites which aren't updated frequently. As an example, a number of failed login attempts to a script admin area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the moment it detects them. The firewall is very efficient as it screens the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore keeps an incredibly comprehensive log of all attack attempts that contains more information than standard Apache logs, so you can later analyze the data and take further measures to boost the security of your sites if necessary.
ModSecurity in Shared Web Hosting
We offer ModSecurity with all shared web hosting packages, so your Internet apps shall be shielded from malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you shall be able to stop it using the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find in Hepsia are extremely detailed and feature info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, and so forth. We use a group of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
Any web application that you set up inside your new semi-dedicated server account shall be protected by ModSecurity since the firewall is provided with all our hosting solutions and is switched on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it completely, but you may also activate a passive mode, so the firewall shall not block anything, but it will still keep a record of potential attacks. This normally requires just a click and you shall be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall employs 2 sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update manually in order to respond to recently discovered risks immediately.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the machine, so there shall not be anything special which you'll need to do to protect your websites. It will take you only a click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any actions to stop intrusions. You'll be able to look at the logs created in active or passive mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall used to take care of it, and so on. We use a mixture of commercial and custom rules so as to make certain that ModSecurity shall block as many threats as possible, thus boosting the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to employ it because it is enabled by default whenever you add a new domain or subdomain on your hosting server. In the event that it interferes with some of your applications, you will be able to stop it via the respective section of Hepsia, or you can leave it in passive mode, so it'll recognize attacks and will still maintain a log for them, but won't stop them. You'll be able to look at the logs later to find out what you can do to boost the safety of your sites since you'll find details such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules that we use are commercial, thus they're regularly updated by a security provider, but to be on the safe side, our administrators also include custom rules every now and then in order to react to any new threats they have discovered.