ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks toward script-driven sites by employing security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and shield even websites which aren't updated often. As an example, numerous unsuccessful login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the instant it discovers them. The firewall is very efficient as it screens the whole HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It also keeps a very detailed log of all attack attempts which includes more info than typical Apache logs, so you could later examine the data and take extra measures to enhance the security of your Internet sites if required.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting
packages, so your web applications will be protected against malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you will be able to stop it through the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find within Hepsia are very detailed and feature data about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We employ a group of commercial rules that are often updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
We have included ModSecurity by default in all semi-dedicated hosting
packages, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any website with a mouse click. You will also be able to activate a passive detection mode in which ModSecurity will maintain a log of possible attacks without actually stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack generated, where it came from, etc. The list of rules we employ is regularly updated as to match any new threats that might appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our admins add if they find a threat which is not present within the commercial list yet.
ModSecurity in VPS Hosting
All virtual private servers
that are provided with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special that you'll need to do to protect your Internet sites. It'll take you simply a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any steps to prevent intrusions. You will be able to see the logs created in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to tackle it, etcetera. We use a mixture of commercial and custom rules in order to make certain that ModSecurity will block out as many risks as possible, hence improving the security of your web programs as much as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered by default with all dedicated servers
which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. Just in case that a web application doesn't function correctly, you could either switch off the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any possible attack which may happen, but shall not take any action to stop it. The logs created in passive or active mode shall give you more details about the exact file that was attacked, the form of the attack and the IP it came from, and so on. This information shall enable you to choose what actions you can take to boost the safety of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial pack from a third-party security firm we work with, but oftentimes our administrators include their own rules also in case they identify a new potential threat.