ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks towards script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and protect even sites that are not updated regularly. As an example, a number of failed login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the instant it identifies them. The firewall is extremely efficient since it screens the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally maintains an incredibly detailed log of all attack attempts which includes more info than conventional Apache logs, so you could later analyze the data and take extra measures to enhance the security of your Internet sites if necessary.
ModSecurity in Shared Hosting
ModSecurity is available on all shared hosting machines, so when you choose to host your sites with our business, they shall be protected against an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view specific logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the security of our customers' sites seriously, we use a collection of commercial rules which we take from one of the best companies which maintain this sort of rules. Our administrators also include custom rules to ensure that your Internet sites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer feature ModSecurity and because the firewall is switched on by default, any Internet site you build under a domain or a subdomain shall be protected right away. A separate section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any site or switch on a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still recognize possible attacks and shall keep all data within a log as if it were completely active. The logs can be found in the same section of the Control Panel and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we employ on our servers are a mix of commercial ones from a security company and custom ones made by our system admins. For that reason, we offer higher security for your web programs as we can shield them from attacks before security businesses release updates for completely new threats.
ModSecurity in VPS Servers
Security is extremely important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section inside Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you will not need to do anything by hand. You shall also be able to disable it or turn on the so-called detection mode, so it'll maintain a log of possible attacks you can later examine, but will not block them. The logs in both passive and active modes include details about the type of the attack and how it was stopped, what IP it originated from and other useful data which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. In addition to the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules since once in a while we find specific attacks that are not yet present inside the commercial package. This way, we can enhance the security of your Virtual private server promptly as opposed to awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you won't have to do anything specific on your end to employ it because it is switched on by default whenever you add a new domain or subdomain on your hosting server. If it interferes with any of your programs, you'll be able to stop it via the respective section of Hepsia, or you could leave it working in passive mode, so it shall identify attacks and shall still keep a log for them, but won't block them. You can examine the logs later to learn what you can do to enhance the protection of your sites as you shall find details such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, and so forth. The rules which we employ are commercial, hence they are regularly updated by a security company, but to be on the safe side, our admins also include custom rules occasionally as to react to any new threats they have identified.