ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to stop attacks toward script-driven Internet sites by employing security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which are not updated on a regular basis. As an example, numerous failed login attempts to a script admin area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will stop these activities the moment it detects them. The firewall is quite efficient because it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any harm is done. It also keeps an exceptionally thorough log of all attack attempts which includes more information than traditional Apache logs, so you could later analyze the data and take further measures to boost the security of your sites if needed.
ModSecurity in Shared Website Hosting
ModSecurity can be found with each shared website hosting plan that we provide and it is switched on by default for every domain or subdomain which you include via your Hepsia CP. In case it disrupts any of your apps or you would like to disable it for whatever reason, you will be able to achieve that through the ModSecurity section of Hepsia with only a click. You can also activate a passive mode, so the firewall will recognize potential attacks and maintain a log, but won't take any action. You can view detailed logs in the very same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For maximum security of our clients we use a collection of commercial firewall rules combined with custom ones that are added by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer include ModSecurity and given that the firewall is turned on by default, any Internet site which you set up under a domain or a subdomain shall be protected immediately. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any site or enable a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all data within a log as if it were fully active. The logs could be found in the very same section of the Control Panel and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we use on our web servers are a mix of commercial ones from a security company and custom ones created by our system admins. For that reason, we offer higher security for your web apps as we can shield them from attacks even before security businesses release updates for new threats.
ModSecurity in VPS Web Hosting
Safety is of the utmost importance to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia CP by default. The firewall can be managed via a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything by hand. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of potential attacks that you can later study, but shall not stop them. The logs in both passive and active modes include info about the form of the attack and how it was prevented, what IP address it came from and other valuable info that may help you to tighten the security of your sites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules since from time to time we identify specific attacks which aren't yet present in the commercial group. That way, we can enhance the security of your VPS instantly rather than awaiting a certified update.
ModSecurity in Dedicated Servers Hosting
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not need to do anything specific on your end to use it because it is turned on by default whenever you add a new domain or subdomain on your hosting server. In case it disrupts any of your apps, you shall be able to stop it through the respective area of Hepsia, or you can leave it working in passive mode, so it'll identify attacks and shall still maintain a log for them, but shall not prevent them. You'll be able to analyze the logs later to find out what you can do to increase the security of your websites as you shall find details such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, etc. The rules we employ are commercial, hence they're regularly updated by a security firm, but to be on the safe side, our admins also include custom rules every now and then as to deal with any new threats they have identified.