ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to stop attacks against script-driven sites by using security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and protect even sites that aren't updated frequently. For example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the second it detects them. The firewall is very efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps an exceptionally thorough log of all attack attempts which contains more info than conventional Apache logs, so you can later check out the data and take further measures to increase the security of your sites if necessary.
ModSecurity in Shared Website Hosting
We provide ModSecurity with all shared website hosting plans, so your web applications will be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll discover within Hepsia are very detailed and offer information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We employ a group of commercial rules which are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages that we offer include ModSecurity and since the firewall is enabled by default, any Internet site that you create under a domain or a subdomain will be secured straight away. An independent section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it'll still identify possible attacks and shall keep all information within a log as if it were completely active. The logs can be found within the very same section of the CP and they include info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we employ on our web servers are a mix of commercial ones from a security firm and custom ones developed by our system admins. Therefore, we offer increased security for your web applications as we can protect them from attacks even before security corporations release updates for completely new threats.
ModSecurity in VPS Web Hosting
Safety is very important to us, so we install ModSecurity on all virtual private servers which are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you'll not need to do anything personally. You shall also be able to disable it or switch on the so-called detection mode, so it will keep a log of possible attacks which you can later study, but will not stop them. The logs in both passive and active modes offer info regarding the type of the attack and how it was stopped, what IP it originated from and other valuable data that may help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. In addition to the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules as once in a while we detect specific attacks that are not yet present within the commercial package. That way, we can enhance the protection of your VPS immediately rather than waiting for a certified update.
ModSecurity in Dedicated Servers Hosting
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. Just in case that a web application does not function properly, you can either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack which might happen, but won't take any action to stop it. The logs created in active or passive mode will give you more details about the exact file that was attacked, the nature of the attack and the IP address it came from, and so forth. This data will enable you to determine what steps you can take to improve the security of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial package from a third-party security company we work with, but occasionally our administrators add their own rules as well when they identify a new potential threat.