ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks against script-driven sites by using security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and protect even sites which aren't updated regularly. As an example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the moment it detects them. The firewall is incredibly efficient because it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It also keeps a very comprehensive log of all attack attempts that contains more information than typical Apache logs, so you can later check out the data and take further measures to boost the security of your sites if needed.
ModSecurity in Website Hosting
ModSecurity can be found with every website hosting plan that we provide and it is switched on by default for any domain or subdomain that you add via your Hepsia Control Panel. In the event that it disrupts any of your applications or you would like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with simply a click. You could also activate a passive mode, so the firewall will recognize possible attacks and keep a log, but will not take any action. You can view comprehensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For max security of our customers we use a collection of commercial firewall rules mixed with custom ones that are added by our system admins.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you decide to host your websites with our company, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains which you include via your hosting CP. If required, you could disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still work and record info, but will not do anything to prevent possible attacks on your sites. Comprehensive logs shall be readily available inside your Control Panel and you will be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We use two sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our administrators occasionally include to respond to newly discovered threats on time.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web programs shall be protected from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to disable it with a click through the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll maintain a detailed log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and offer info about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For best security, we employ not only commercial rules from a firm operating in the field of web security, but also custom ones which our admins include manually in order to react to new threats which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any program that you upload or set up will be secured from the very beginning and you won't need to worry about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall see in the logs can easily help you to secure your sites better - the IP address an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so forth. With this info, you can see whether a site needs an update, whether you need to block IPs from accessing your hosting server, and so forth. On top of the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones too if they find a new threat which is not yet a part of the commercial bundle.