ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to prevent attacks toward script-driven websites by employing security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and shield even Internet sites that are not updated regularly. For example, numerous failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it detects them. The firewall is extremely efficient because it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally keeps an exceptionally thorough log of all attack attempts that includes more information than traditional Apache logs, so you can later examine the data and take additional measures to improve the security of your Internet sites if needed.
ModSecurity in Shared Web Hosting
ModSecurity is available with every shared web hosting solution which we provide and it's activated by default for every domain or subdomain that you include through your Hepsia CP. In the event that it interferes with any of your applications or you'd like to disable it for some reason, you shall be able to do this through the ModSecurity section of Hepsia with just a click. You may also activate a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You can see detailed logs in the exact same section, including the IP where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so forth. For maximum security of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server plans and if you choose to host your Internet sites with us, there won't be anything special you'll need to do since the firewall is activated by default for all domains and subdomains that you add via your hosting Control Panel. If needed, you can disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall shall still function and record info, but shall not do anything to prevent possible attacks against your websites. Comprehensive logs shall be accessible within your Control Panel and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so forth. We use two types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones which our admins often include to respond to newly found threats on time.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting Control Panel, so your web programs shall be protected from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to disable it with a click of your mouse via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the same section and include info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For maximum security, we employ not just commercial rules from a firm operating in the field of web security, but also custom ones our admins include manually in order to react to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app you upload or set up shall be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you will discover in the logs can easily enable you to to secure your Internet sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this information, you can see whether a website needs an update, whether you need to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too when they find a new threat that is not yet in the commercial bundle.