ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to stop attacks against script-driven sites through the use of security rules which contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and protect even Internet sites that aren't updated on a regular basis. For example, multiple failed login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the instant it detects them. The firewall is very efficient because it monitors the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally keeps an exceptionally detailed log of all attack attempts that contains more info than conventional Apache logs, so you can later analyze the data and take further measures to enhance the security of your sites if necessary.
ModSecurity in Cloud Hosting
ModSecurity is offered with every single cloud hosting package which we provide and it is turned on by default for every domain or subdomain that you add through your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for some reason, you will be able to do that through the ModSecurity area of Hepsia with simply a mouse click. You may also enable a passive mode, so the firewall will discover possible attacks and maintain a log, but shall not take any action. You can view comprehensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, etcetera. For optimum safety of our customers we use a set of commercial firewall rules blended with custom ones which are added by our system admins.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity as a standard in all semi-dedicated hosting plans, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to activate or disable the firewall for any site with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity will keep a log of possible attacks without actually stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack activated, where it originated from, and so forth. The list of rules we use is constantly updated in order to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our administrators include in the event that they find a threat which is not present inside the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting Control Panel, so your web applications will be protected from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to stop them. The logs can be found within the very same section and provide details about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not simply commercial rules from a firm working in the field of web security, but also custom ones our admins include personally so as to respond to new risks which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Web Hosting
All of our dedicated servers which are installed with the Hepsia hosting CP come with ModSecurity, so any program which you upload or install will be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will discover in the logs can help you to secure your websites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you could see if an Internet site needs an update, if you ought to block IPs from accessing your web server, etcetera. In addition to the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well if they discover a new threat that's not yet included in the commercial bundle.