ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks towards script-driven sites by employing security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites which aren't updated often. As an example, numerous failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the second it detects them. The firewall is incredibly efficient since it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any damage is done. It furthermore maintains a very detailed log of all attack attempts which features more info than standard Apache logs, so you could later analyze the data and take further measures to improve the security of your sites if necessary.
ModSecurity in Shared Hosting
ModSecurity is available with every shared hosting package which we provide and it's activated by default for every domain or subdomain that you include via your Hepsia Control Panel. In the event that it interferes with any of your apps or you would like to disable it for whatever reason, you will be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You can also use a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You can view detailed logs in the very same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum safety of our clients we use a set of commercial firewall rules combined with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans which we offer feature ModSecurity and because the firewall is switched on by default, any site you create under a domain or a subdomain shall be secured immediately. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it will still identify possible attacks and will keep all data in a log as if it were fully active. The logs could be found inside the very same section of the Control Panel and they offer info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our machines are a mix between commercial ones from a security business and custom ones developed by our system administrators. As a result, we offer greater security for your web applications as we can protect them from attacks even before security firms release updates for new threats.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers that we offer and it will be switched on automatically for every new domain or subdomain you add on the server. This way, any web application you install shall be protected right from the start without doing anything personally on your end. The firewall may be handled through the section of the CP which has the same name. This is the place in whichyou'll be able to switch off ModSecurity or enable its passive mode, so it shall not take any action towards threats, but shall still maintain a comprehensive log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a combination between commercial ones we obtain from a security firm and custom ones that are added by our staff to maximize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it as it's activated by default each time you include a new domain or subdomain on your server. In case it interferes with any of your apps, you will be able to stop it through the respective section of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and shall still keep a log for them, but shall not prevent them. You may examine the logs later to find out what you can do to enhance the security of your sites since you will find information such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity responded, etc. The rules we employ are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our staff also include custom rules every now and then as to react to any new threats they have found.