ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to stop attacks against script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and protect even websites that are not updated on a regular basis. For example, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the instant it discovers them. The firewall is quite efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore keeps an incredibly thorough log of all attack attempts that includes more information than traditional Apache logs, so you could later examine the data and take additional measures to enhance the security of your sites if necessary.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting solutions which we offer and it shall be activated automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with just a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites will include detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are constantly updated and incorporate both commercial ones we get from a third-party security firm and custom ones that our system admins add in case that they detect a new type of attacks. In this way, the websites which you host here shall be way more protected with no action required on your end.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity by default in all semi-dedicated hosting packages, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any site with a click. You shall also have the ability to switch on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack caused, where it came from, and so on. The list of rules which we employ is regularly updated as to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones which our admins include in case they find a threat that is not present in the commercial list yet.
ModSecurity in VPS
Protection is extremely important to us, so we install ModSecurity on all virtual private servers which are provided with the Hepsia CP by default. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything manually. You shall also be able to disable it or switch on the so-called detection mode, so it will maintain a log of possible attacks you can later analyze, but shall not prevent them. The logs in both passive and active modes include info about the form of the attack and how it was prevented, what IP address it originated from and other important information that could help you to tighten the security of your sites by updating them or blocking IPs, as an example. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules because every now and then we identify specific attacks that aren't yet present within the commercial pack. This way, we could boost the security of your VPS promptly as opposed to waiting for a certified update.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you won't have to do anything specific on your end to employ it because it is enabled by default every time you add a new domain or subdomain on your web server. In case it interferes with some of your programs, you'll be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it shall identify attacks and shall still keep a log for them, but shall not stop them. You'll be able to look at the logs later to determine what you can do to enhance the protection of your sites since you'll find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules we use are commercial, hence they're frequently updated by a security provider, but to be on the safe side, our admins also include custom rules every now and then as to deal with any new threats they have found.