ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to stop attacks against script-driven sites by using security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and protect even Internet sites which aren't updated regularly. As an example, numerous failed login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script will trigger certain rules, so ModSecurity will block out these activities the instant it detects them. The firewall is extremely efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally maintains an exceptionally thorough log of all attack attempts that contains more information than conventional Apache logs, so you can later check out the data and take extra measures to enhance the security of your sites if required.
ModSecurity in Shared Hosting
ModSecurity can be found with every single shared hosting
package which we offer and it's turned on by default for any domain or subdomain which you include via your Hepsia Control Panel. If it interferes with any of your programs or you would like to disable it for any reason, you will be able to do that through the ModSecurity section of Hepsia with just a mouse click. You could also enable a passive mode, so the firewall will detect potential attacks and maintain a log, but will not take any action. You can view comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum protection of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system admins.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server
plans that we offer include ModSecurity and since the firewall is enabled by default, any Internet site you set up under a domain or a subdomain shall be protected straight away. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all information in a log as if it were completely active. The logs can be found within the same section of the CP and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we employ on our servers are a mix of commercial ones from a security business and custom ones made by our system administrators. For that reason, we provide greater security for your web programs as we can shield them from attacks even before security companies release updates for brand new threats.
ModSecurity in VPS Servers
All VPS servers
which are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there won't be anything special which you shall have to do to protect your sites. It'll take you just a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You'll be able to see the logs generated in active or passive mode via the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, and so forth. We employ a mixture of commercial and custom rules so as to ensure that ModSecurity shall stop as many threats as possible, hence boosting the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers
which are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to use it because it is activated by default each time you include a new domain or subdomain on your hosting server. In the event that it interferes with any of your apps, you'll be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it shall identify attacks and shall still keep a log for them, but shall not block them. You could look at the logs later to determine what you can do to enhance the security of your websites as you shall find information such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules we use are commercial, hence they're constantly updated by a security company, but to be on the safe side, our administrators also add custom rules from time to time in order to respond to any new threats they have found.