ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to stop attacks toward script-driven Internet sites by employing security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and shield even websites which aren't updated on a regular basis. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the moment it detects them. The firewall is extremely efficient since it monitors the entire HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any harm is done. It furthermore keeps an exceptionally detailed log of all attack attempts which features more information than traditional Apache logs, so you could later analyze the data and take further measures to boost the security of your websites if needed.
ModSecurity in Web Hosting
We offer ModSecurity with all web hosting plans, so your Internet applications shall be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you'll be able to stop it through the respective section of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll discover inside Hepsia are quite detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etcetera. We use a range of commercial rules that are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server plans and if you decide to host your Internet sites with our company, there will not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains you add through your hosting CP. If needed, you could disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall shall still operate and record info, but won't do anything to prevent possible attacks on your sites. In depth logs shall be readily available within your Control Panel and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We use 2 kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones which our administrators often include to respond to newly discovered threats promptly.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers that we offer and it shall be turned on automatically for every new domain or subdomain that you add on the server. In this way, any web application which you install shall be secured right from the start without doing anything manually on your end. The firewall may be managed from the section of the CP that bears the same name. This is the area in whichyou could switch off ModSecurity or let its passive mode, so it will not take any action towards threats, but shall still maintain a comprehensive log. The recorded information is available inside the same section as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a combination between commercial ones that we obtain from a security company and custom ones that are included by our admins to maximize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting CP come with ModSecurity, so any application you upload or set up will be protected from the very beginning and you will not need to concern yourself with common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will discover in the logs can help you to secure your websites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you can see whether a website needs an update, whether you ought to block IPs from accessing your hosting server, etcetera. Besides the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well if they find a new threat that is not yet a part of the commercial bundle.