ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is employed to prevent attacks against script-driven websites through the use of security rules that contain specific expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even sites which are not updated regularly. As an example, numerous failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block these activities the instant it detects them. The firewall is extremely efficient because it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It furthermore keeps a very thorough log of all attack attempts that includes more information than standard Apache logs, so you can later examine the data and take additional measures to improve the security of your Internet sites if required.
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all cloud website hosting plans, so your Internet apps will be protected against destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you shall be able to stop it through the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you will find inside Hepsia are extremely detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so forth. We employ a set of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting packages and if you decide to host your Internet sites with us, there won't be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains which you include through your hosting CP. If necessary, you'll be able to disable ModSecurity for a given site or enable the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to prevent potential attacks on your websites. Detailed logs shall be readily available within your Control Panel and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etc. We employ 2 sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and customized ones that our admins often add to respond to newly found risks in a timely manner.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web applications will be secured from the moment your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you can disable it with a mouse click from the corresponding section of Hepsia. You could also set it to function in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to stop them. The logs can be found within the very same section and offer information about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For maximum security, we use not only commercial rules from a firm working in the field of web security, but also custom ones that our administrators include manually in order to respond to new threats that are still not tackled in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to use it since it is turned on by default whenever you add a new domain or subdomain on your web server. In the event that it disrupts any of your applications, you'll be able to stop it via the respective area of Hepsia, or you may leave it operating in passive mode, so it'll recognize attacks and will still maintain a log for them, but shall not block them. You'll be able to look at the logs later to determine what you can do to increase the security of your sites since you'll find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules which we use are commercial, hence they're constantly updated by a security firm, but to be on the safe side, our staff also add custom rules once in a while as to deal with any new threats they have identified.