ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks toward script-driven Internet sites through the use of security rules that contain specific expressions. That way, the firewall can stop hacking and spamming attempts and preserve even sites that aren't updated regularly. For example, several failed login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will block these activities the moment it identifies them. The firewall is quite efficient since it screens the entire HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any harm is done. It additionally keeps an exceptionally comprehensive log of all attack attempts which contains more information than typical Apache logs, so you can later examine the data and take extra measures to enhance the security of your sites if required.
ModSecurity in Shared Web Hosting
ModSecurity comes by default with all shared web hosting plans which we supply and it'll be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and deactivate it with simply a click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to stop them. The log for each of your websites shall feature comprehensive info including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and include both commercial ones that we get from a third-party security business and custom ones our system administrators add in case that they detect a new sort of attacks. In this way, the sites that you host here shall be way more secure without any action required on your end.
ModSecurity in Semi-dedicated Servers
Any web application which you install within your new semi-dedicated server account will be protected by ModSecurity because the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain that you add or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not only can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall shall not block anything, but it'll still keep an archive of potential attacks. This normally requires only a click and you'll be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our admins update personally in order to respond to newly discovered risks immediately.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting CP, so your web programs will be protected from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if necessary, you could disable it with a mouse click through the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available inside the same section and provide details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For best security, we employ not just commercial rules from a company working in the field of web security, but also custom ones our admins add manually in order to respond to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
All of our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install shall be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you will discover in the logs can easily help you to secure your websites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you could see whether a site needs an update, if you ought to block IPs from accessing your hosting server, etcetera. Besides the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well when they come across a new threat that's not yet a part of the commercial bundle.