ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks toward script-driven websites through the use of security rules that contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even Internet sites which are not updated often. As an example, numerous failed login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will block these activities the second it detects them. The firewall is quite efficient because it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore maintains a very comprehensive log of all attack attempts that includes more information than standard Apache logs, so you can later examine the data and take additional measures to improve the security of your sites if needed.
ModSecurity in Shared Website Hosting
We provide ModSecurity with all shared website hosting plans, so your Internet apps will be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find inside Hepsia are very detailed and offer info about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We use a range of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions that we offer feature ModSecurity and because the firewall is switched on by default, any Internet site that you build under a domain or a subdomain shall be protected right from the start. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it'll still recognize possible attacks and will keep all info inside a log as if it were fully active. The logs can be found within the same section of the CP and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules that we employ on our machines are a mix between commercial ones from a security business and custom ones made by our system administrators. For that reason, we offer increased security for your web apps as we can protect them from attacks even before security firms release updates for completely new threats.
ModSecurity in VPS Web Hosting
All virtual private servers which are offered with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the server, so there shall not be anything special that you'll need to do to protect your websites. It will take you simply a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any steps to prevent intrusions. You shall be able to view the logs created in passive or active mode through the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to tackle it, etcetera. We use a mixture of commercial and custom rules so as to make certain that ModSecurity will stop as many threats as possible, hence increasing the security of your web apps as much as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity comes with all dedicated servers which are set up with our Hepsia CP and you won't have to do anything specific on your end to employ it since it's turned on by default every time you include a new domain or subdomain on your server. If it disrupts any of your programs, you'll be able to stop it via the respective part of Hepsia, or you can leave it working in passive mode, so it shall detect attacks and will still maintain a log for them, but won't block them. You may examine the logs later to learn what you can do to improve the safety of your sites since you will find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, and so forth. The rules we use are commercial, hence they are frequently updated by a security firm, but to be on the safe side, our staff also include custom rules once in a while as to deal with any new threats they have discovered.