ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to stop attacks toward script-driven Internet sites by using security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and preserve even sites which are not updated on a regular basis. As an example, numerous failed login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is incredibly efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any harm is done. It also maintains an exceptionally thorough log of all attack attempts that contains more information than typical Apache logs, so you can later check out the data and take further measures to boost the security of your Internet sites if necessary.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting solutions, so your Internet applications shall be shielded from harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will find inside Hepsia are extremely detailed and offer info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so forth. We employ a group of commercial rules which are often updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web application that you install in your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain that you add or create via your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not only could you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall will not stop anything, but it shall still maintain a record of potential attacks. This normally requires just a click and you'll be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall uses two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our admins update personally as to respond to recently discovered risks as soon as possible.
ModSecurity in VPS
Safety is very important to us, so we set up ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it'll maintain a log of possible attacks that you can later study, but will not prevent them. The logs in both passive and active modes include details regarding the type of the attack and how it was eliminated, what IP it originated from and other valuable information that may help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules since from time to time we detect specific attacks which aren't yet present inside the commercial pack. That way, we can enhance the security of your VPS instantly instead of awaiting an official update.
ModSecurity in Dedicated Hosting
ModSecurity is included with all dedicated servers that are integrated with our Hepsia CP and you will not need to do anything specific on your end to employ it because it is activated by default whenever you add a new domain or subdomain on your server. If it disrupts any of your apps, you'll be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it'll identify attacks and will still maintain a log for them, but will not stop them. You may examine the logs later to find out what you can do to improve the protection of your sites as you shall find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, etc. The rules that we employ are commercial, therefore they're constantly updated by a security firm, but to be on the safe side, our administrators also include custom rules once in a while as to respond to any new threats they have discovered.