ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks toward script-driven sites by using security rules which contain certain expressions. This way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated frequently. For instance, numerous unsuccessful login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block these activities the minute it detects them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any harm is done. It also maintains an incredibly comprehensive log of all attack attempts that features more information than traditional Apache logs, so you could later check out the data and take further measures to increase the security of your Internet sites if required.
ModSecurity in Web Hosting
ModSecurity is supplied with all web hosting
web servers, so when you decide to host your websites with our organization, they'll be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs from your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our clients' websites seriously, we employ a selection of commercial rules that we take from one of the top firms that maintain this type of rules. Our administrators also add custom rules to make certain that your Internet sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Hosting
Any web program you install in your new semi-dedicated hosting
account shall be protected by ModSecurity since the firewall is provided with all our hosting solutions and is turned on by default for any domain and subdomain you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated section in Hepsia where not simply can you activate or deactivate it completely, but you can also enable a passive mode, so the firewall will not stop anything, but it will still maintain a record of potential attacks. This takes only a mouse click and you'll be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall uses 2 groups of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one that our administrators update manually in order to respond to recently discovered risks immediately.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers
which are provided with the Hepsia hosting CP, so your web applications shall be secured from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to prevent them. The logs are available inside the exact same section and offer info about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For optimum security, we employ not simply commercial rules from a business working in the field of web security, but also custom ones our admins add personally so as to react to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Hosting
ModSecurity is available by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In the event that a web app does not function correctly, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack which may occur, but shall not take any action to stop it. The logs generated in passive or active mode shall offer you more details about the exact file which was attacked, the nature of the attack and the IP address it came from, and so forth. This data shall enable you to determine what steps you can take to improve the security of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial pack from a third-party security company we work with, but occasionally our staff add their own rules also when they identify a new potential threat.