ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks against script-driven sites by using security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites which aren't updated regularly. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity shall block these activities the moment it discovers them. The firewall is incredibly efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It furthermore keeps an incredibly thorough log of all attack attempts that contains more information than conventional Apache logs, so you can later analyze the data and take further measures to boost the security of your Internet sites if necessary.
ModSecurity in Cloud Web Hosting
ModSecurity is offered with every single cloud web hosting package which we offer and it is turned on by default for any domain or subdomain which you add via your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for whatever reason, you'll be able to do that through the ModSecurity area of Hepsia with just a click. You can also enable a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You'll be able to see comprehensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum security of our clients we use a group of commercial firewall rules combined with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
Any web program you set up in your new semi-dedicated server account will be protected by ModSecurity because the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain you add or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not simply can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not block anything, but it shall still keep a record of possible attacks. This takes just a mouse click and you'll be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall employs 2 sets of rules on our servers - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually as to respond to newly discovered risks as quickly as possible.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting Control Panel, so your web applications shall be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you could deactivate it with a mouse click through the corresponding section of Hepsia. You could also set it to work in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to prevent them. The logs are available inside the very same section and offer info about the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For best security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones that our administrators include personally in order to react to new threats which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any application which you upload or install will be secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will see in the logs can help you to secure your Internet sites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you'll be able to see if a site needs an update, if you should block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too every time they find a new threat that's not yet in the commercial bundle.