ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks toward script-driven websites by using security rules that contain specific expressions. This way, the firewall can block hacking and spamming attempts and preserve even sites that are not updated on a regular basis. For instance, several failed login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the moment it discovers them. The firewall is very efficient because it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore maintains an incredibly detailed log of all attack attempts that contains more information than traditional Apache logs, so you can later examine the data and take further measures to improve the security of your Internet sites if necessary.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting
plans, so your Internet apps shall be protected against harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you'll be able to stop it using the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will find within Hepsia are very detailed and include information about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etc. We use a range of commercial rules that are constantly updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web program that you set up inside your new semi-dedicated hosting
account shall be protected by ModSecurity because the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not simply could you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall shall not stop anything, but it will still keep a record of possible attacks. This normally requires just a click and you shall be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, and so on. The firewall uses two sets of rules on our servers - a commercial one that we get from a third-party web security firm and a custom one that our admins update personally in order to respond to recently discovered threats immediately.
ModSecurity in VPS Web Hosting
All virtual private servers
which are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special that you'll need to do to protect your Internet sites. It will take you only a click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any measures to stop intrusions. You'll be able to view the logs created in active or passive mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to deal with it, and so on. We use a mixture of commercial and custom rules so as to make sure that ModSecurity will prevent as many risks as possible, consequently improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is included with all dedicated servers
that are integrated with our Hepsia Control Panel and you will not have to do anything specific on your end to employ it since it is enabled by default each time you include a new domain or subdomain on your hosting server. In case it interferes with any of your apps, you shall be able to stop it via the respective part of Hepsia, or you could leave it working in passive mode, so it shall identify attacks and shall still maintain a log for them, but won't block them. You could look at the logs later to determine what you can do to boost the security of your Internet sites since you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules which we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our staff also include custom rules occasionally in order to respond to any new threats they have identified.