ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks toward script-driven sites by employing security rules which contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and shield even websites which are not updated frequently. For example, several failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the instant it detects them. The firewall is extremely efficient as it screens the whole HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore maintains a very thorough log of all attack attempts which features more information than standard Apache logs, so you can later check out the data and take extra measures to increase the security of your websites if required.
ModSecurity in Web Hosting
We provide ModSecurity with all web hosting solutions, so your Internet apps shall be protected against destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you shall discover in Hepsia are very detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so forth. We employ a set of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages which we offer feature ModSecurity and because the firewall is switched on by default, any Internet site which you build under a domain or a subdomain will be protected straight away. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still recognize possible attacks and will keep all information inside a log as if it were fully active. The logs can be found inside the very same section of the Control Panel and they include information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we use on our web servers are a mix of commercial ones from a security company and custom ones developed by our system admins. Consequently, we provide higher security for your web programs as we can protect them from attacks even before security businesses release updates for brand new threats.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain that you include on the hosting server. That way, any web application that you install shall be secured right away without doing anything by hand on your end. The firewall can be managed from the section of the CP which bears the same name. This is the place in whichyou'll be able to turn off ModSecurity or enable its passive mode, so it won't take any action against threats, but shall still keep a thorough log. The recorded info is available inside the same section as well and you will be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we use on our servers are a blend between commercial ones which we obtain from a security firm and custom ones which are included by our admins to enhance the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In the event that a web app does not operate adequately, you may either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack that could occur, but shall not take any action to stop it. The logs produced in active or passive mode shall present you with additional details about the exact file that was attacked, the form of the attack and the IP address it came from, and so forth. This info shall permit you to decide what measures you can take to improve the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial bundle from a third-party security company we work with, but occasionally our administrators include their own rules also if they discover a new potential threat.