ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to prevent attacks toward script-driven sites through the use of security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites which aren't updated regularly. As an example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block these activities the second it identifies them. The firewall is quite efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It also keeps an exceptionally detailed log of all attack attempts which includes more info than traditional Apache logs, so you can later analyze the data and take further measures to enhance the security of your websites if required.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting packages, so your Internet applications will be shielded from harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you will find inside Hepsia are very detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We employ a range of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you opt to host your sites with us, there shall not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains which you add through your hosting CP. If necessary, you could disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall shall still operate and record info, but won't do anything to prevent potential attacks against your websites. In depth logs will be accessible within your CP and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so on. We use two types of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones which our administrators often include to respond to newly identified risks in a timely manner.
ModSecurity in VPS Servers
Security is vital to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section inside Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not need to do anything personally. You will also be able to disable it or turn on the so-called detection mode, so it will maintain a log of possible attacks you can later analyze, but won't prevent them. The logs in both passive and active modes contain information about the type of the attack and how it was prevented, what IP address it originated from and other valuable info which might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules because once in a while we detect specific attacks that are not yet present within the commercial group. This way, we could improve the protection of your VPS right away as opposed to awaiting an official update.
ModSecurity in Dedicated Servers
All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any program that you upload or set up will be secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall see in the logs can easily allow you to to secure your Internet sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this info, you can see whether an Internet site needs an update, if you need to block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well whenever they find a new threat that's not yet in the commercial bundle.