ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks toward script-driven websites by employing security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even websites that are not updated on a regular basis. For example, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger particular rules, so ModSecurity shall stop these activities the instant it discovers them. The firewall is very efficient because it monitors the entire HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally keeps a very thorough log of all attack attempts which features more info than standard Apache logs, so you could later analyze the data and take further measures to improve the security of your sites if needed.
ModSecurity in Shared Website Hosting
We offer ModSecurity with all shared website hosting packages, so your web applications shall be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you will be able to stop it using the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will discover inside Hepsia are quite detailed and include information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We employ a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity by default within all semi-dedicated hosting packages, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a mouse click. You will also be able to switch on a passive detection mode through which ModSecurity shall keep a log of possible attacks without actually preventing them. The detailed logs contain the nature of the attack and what ModSecurity response that attack generated, where it originated from, and so on. The list of rules which we use is constantly updated in order to match any new threats that might appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones which our admins add if they find a threat that's not present within the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web programs will be protected from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you'll be able to disable it with a click via the corresponding section of Hepsia. You can also set it to operate in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to prevent them. The logs can be found inside the exact same section and include info about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For optimum security, we use not simply commercial rules from a firm working in the field of web security, but also custom ones our administrators add manually in order to react to new threats which are still not tackled in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it since it's turned on by default each time you add a new domain or subdomain on your hosting server. In case it disrupts any of your programs, you shall be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it will identify attacks and shall still maintain a log for them, but won't prevent them. You can analyze the logs later to learn what you can do to boost the security of your sites as you'll find details such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules which we use are commercial, hence they're frequently updated by a security firm, but to be on the safe side, our staff also add custom rules occasionally in order to respond to any new threats they have identified.