ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to stop attacks against script-driven Internet sites by using security rules that contain specific expressions. This way, the firewall can prevent hacking and spamming attempts and shield even websites that aren't updated frequently. As an example, several unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is quite efficient as it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore maintains an incredibly thorough log of all attack attempts which includes more info than standard Apache logs, so you could later analyze the data and take additional measures to improve the security of your Internet sites if required.
ModSecurity in Shared Web Hosting
ModSecurity is available with every single shared web hosting solution which we provide and it is turned on by default for every domain or subdomain that you add via your Hepsia CP. In the event that it disrupts any of your apps or you would like to disable it for some reason, you will be able to do this through the ModSecurity area of Hepsia with simply a click. You may also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but shall not take any action. You could see comprehensive logs in the same section, including the IP where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For optimum protection of our customers we use a group of commercial firewall rules blended with custom ones that are added by our system administrators.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard inside all semi-dedicated server products, so your web applications will be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to activate or disable the firewall for any site with a mouse click. You shall also be able to switch on a passive detection mode through which ModSecurity will keep a log of possible attacks without actually preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, etc. The list of rules that we use is regularly updated in order to match any new threats that might appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our administrators include if they discover a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers which are set up with the Hepsia CP come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there will not be anything special that you will have to do to protect your websites. It shall take you just a click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any steps to prevent intrusions. You will be able to look at the logs created in active or passive mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to deal with it, and so on. We employ a mix of commercial and custom rules so as to ensure that ModSecurity shall stop as many threats as possible, consequently increasing the security of your web apps as much as possible.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers that are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it since it's switched on by default every time you add a new domain or subdomain on your web server. In the event that it interferes with any of your programs, you'll be able to stop it via the respective area of Hepsia, or you may leave it working in passive mode, so it will recognize attacks and shall still maintain a log for them, but will not stop them. You could look at the logs later to find out what you can do to enhance the security of your Internet sites since you will find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, and so forth. The rules we employ are commercial, thus they're regularly updated by a security provider, but to be on the safe side, our staff also include custom rules from time to time in order to deal with any new threats they have identified.