ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks against script-driven Internet sites through the use of security rules that contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites which aren't updated often. As an example, multiple failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script will trigger certain rules, so ModSecurity will block these activities the minute it identifies them. The firewall is extremely efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally maintains an incredibly thorough log of all attack attempts which features more information than standard Apache logs, so you can later analyze the data and take additional measures to increase the security of your Internet sites if needed.
ModSecurity in Hosting
ModSecurity can be found with each and every hosting plan that we offer and it is turned on by default for every domain or subdomain that you include via your Hepsia CP. In the event that it interferes with any of your applications or you would like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with merely a click. You can also enable a passive mode, so the firewall will detect possible attacks and maintain a log, but will not take any action. You'll be able to view comprehensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a group of commercial firewall rules mixed with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions which we offer come with ModSecurity and because the firewall is turned on by default, any website which you create under a domain or a subdomain will be protected right from the start. An independent section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to start and stop the firewall for any site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it shall still detect possible attacks and will keep all info within a log as if it were 100% active. The logs can be found inside the very same section of the Control Panel and they offer information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules that we employ on our servers are a mix between commercial ones from a security firm and custom ones developed by our system administrators. Therefore, we provide greater security for your web apps as we can shield them from attacks even before security businesses release updates for new threats.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers which we offer and it shall be switched on automatically for every new domain or subdomain you include on the web server. In this way, any web application that you install shall be secured right away without doing anything personally on your end. The firewall may be managed from the section of the CP which bears the same name. This is the area whereyou could turn off ModSecurity or enable its passive mode, so it won't take any action toward threats, but shall still keep a thorough log. The recorded data is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we employ on our servers are a combination between commercial ones that we get from a security company and custom ones that are included by our administrators to optimize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to use it as it is enabled by default each time you add a new domain or subdomain on your hosting server. In the event that it interferes with some of your programs, you shall be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it'll recognize attacks and will still maintain a log for them, but won't block them. You may look at the logs later to determine what you can do to improve the safety of your Internet sites as you will find information such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules which we use are commercial, thus they're frequently updated by a security firm, but to be on the safe side, our admins also include custom rules once in a while in order to respond to any new threats they have identified.