ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks toward script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even sites which are not updated often. For instance, numerous failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script will trigger specific rules, so ModSecurity will stop these activities the instant it identifies them. The firewall is incredibly efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any damage is done. It also maintains an incredibly detailed log of all attack attempts that includes more information than typical Apache logs, so you could later analyze the data and take extra measures to enhance the security of your Internet sites if necessary.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting plans, so your web applications will be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll discover in Hepsia are very detailed and offer data about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etc. We use a range of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.
ModSecurity in VPS Hosting
All virtual private servers that are offered with the Hepsia CP feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there won't be anything special which you'll need to do to protect your sites. It'll take you a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You will be able to see the logs created in active or passive mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall used to tackle it, and so on. We employ a combination of commercial and custom rules in order to ensure that ModSecurity will block out as many threats as possible, consequently improving the security of your web programs as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. Just in case that a web application doesn't operate properly, you could either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which could occur, but shall not take any action to prevent it. The logs generated in active or passive mode will give you additional details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so forth. This info shall allow you to choose what actions you can take to boost the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial pack from a third-party security enterprise we work with, but occasionally our staff include their own rules as well when they identify a new potential threat.