ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks against script-driven Internet sites by using security rules which contain specific expressions. In this way, the firewall can block hacking and spamming attempts and preserve even websites that aren't updated on a regular basis. For instance, multiple unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script will trigger particular rules, so ModSecurity will block these activities the moment it discovers them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore maintains a very detailed log of all attack attempts which includes more information than typical Apache logs, so you can later check out the data and take further measures to enhance the security of your websites if required.
ModSecurity in Website Hosting
We provide ModSecurity with all website hosting packages, so your web apps shall be shielded from malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find inside Hepsia are quite detailed and include info about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so on. We employ a group of commercial rules which are frequently updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity as a standard inside all semi-dedicated server plans, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any website with a mouse click. You shall also have the ability to activate a passive detection mode with which ModSecurity shall keep a log of possible attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack triggered, where it originated from, etcetera. The list of rules which we use is regularly updated in order to match any new risks that may appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our admins include if they discover a threat that's not present in the commercial list yet.
ModSecurity in VPS Servers
Safety is extremely important to us, so we set up ModSecurity on all VPS servers which are provided with the Hepsia CP as a standard. The firewall could be managed via a dedicated section in Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you won't need to do anything manually. You'll also be able to disable it or activate the so-called detection mode, so it will keep a log of potential attacks that you can later examine, but won't stop them. The logs in both passive and active modes include information about the kind of the attack and how it was stopped, what IP it originated from and other important info that could help you to tighten the security of your websites by updating them or blocking IPs, for example. In addition to the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules as once in a while we discover specific attacks which aren't yet present inside the commercial group. That way, we can easily increase the security of your VPS promptly rather than awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it since it's activated by default whenever you include a new domain or subdomain on your web server. If it disrupts any of your apps, you shall be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it shall identify attacks and shall still maintain a log for them, but won't prevent them. You can look at the logs later to determine what you can do to improve the safety of your sites since you'll find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, and so on. The rules we employ are commercial, thus they're regularly updated by a security provider, but to be on the safe side, our staff also add custom rules every now and then as to respond to any new threats they have found.