ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks towards script-driven sites by employing security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and protect even sites which aren't updated frequently. For instance, several unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is extremely efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It also keeps a very comprehensive log of all attack attempts which includes more information than traditional Apache logs, so you can later analyze the data and take further measures to enhance the security of your Internet sites if needed.
ModSecurity in Website Hosting
ModSecurity is supplied with all website hosting servers, so when you choose to host your Internet sites with our organization, they will be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You will be able to stop ModSecurity for any site if required, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You shall be able to view detailed logs using your Hepsia CP including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our customers' websites seriously, we employ a set of commercial rules which we get from one of the best companies which maintain this kind of rules. Our admins also add custom rules to make sure that your Internet sites shall be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
Any web application which you set up in your new semi-dedicated server account shall be protected by ModSecurity because the firewall is provided with all our hosting solutions and is switched on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area within Hepsia where not simply can you activate or deactivate it fully, but you may also enable a passive mode, so the firewall shall not block anything, but it will still maintain a record of possible attacks. This requires just a mouse click and you'll be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, and so on. The firewall uses two groups of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one which our administrators update manually in order to respond to newly discovered threats as quickly as possible.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers that we offer and it'll be switched on automatically for every new domain or subdomain that you add on the server. In this way, any web app that you install shall be secured right away without doing anything personally on your end. The firewall may be handled via the section of the Control Panel which has the same name. This is the location whereyou'll be able to disable ModSecurity or enable its passive mode, so it shall not take any action against threats, but shall still keep a detailed log. The recorded info is available within the same area as well and you'll be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a mixture between commercial ones we obtain from a security firm and custom ones which are added by our administrators to improve the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it as it's activated by default every time you add a new domain or subdomain on your web server. If it interferes with some of your applications, you will be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it will recognize attacks and will still keep a log for them, but will not block them. You can examine the logs later to learn what you can do to improve the safety of your websites since you will find information such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, etc. The rules that we employ are commercial, thus they're constantly updated by a security firm, but to be on the safe side, our admins also add custom rules from time to time in order to deal with any new threats they have found.