ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to prevent attacks toward script-driven sites through the use of security rules which contain particular expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites which aren't updated on a regular basis. For example, several failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the minute it detects them. The firewall is extremely efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally maintains an exceptionally comprehensive log of all attack attempts which includes more info than conventional Apache logs, so you could later analyze the data and take further measures to enhance the security of your websites if needed.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting solutions that we provide and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and disable it with simply a click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall feature detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and incorporate both commercial ones which we get from a third-party security business and custom ones which our system administrators include in the event that they detect a new type of attacks. That way, the websites you host here will be much more protected without any action expected on your end.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer feature ModSecurity and since the firewall is enabled by default, any Internet site you create under a domain or a subdomain will be protected right away. A separate section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to stop and start the firewall for any site or activate a detection mode. With the latter, ModSecurity will not take any action, but it will still recognize possible attacks and shall keep all data in a log as if it were fully active. The logs can be found in the very same section of the Control Panel and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules which we use on our web servers are a mix of commercial ones from a security firm and custom ones developed by our system admins. As a result, we offer greater security for your web applications as we can shield them from attacks even before security businesses release updates for new threats.
ModSecurity in VPS Hosting
ModSecurity is included with all Hepsia-based virtual private servers we offer and it will be switched on automatically for any new domain or subdomain that you add on the machine. In this way, any web application which you install shall be protected right from the start without doing anything by hand on your end. The firewall could be handled through the section of the CP which bears the same name. This is the place whereyou'll be able to switch off ModSecurity or activate its passive mode, so it will not take any action toward threats, but will still keep a detailed log. The recorded info is available within the same section as well and you'll be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a mixture between commercial ones which we obtain from a security organization and custom ones which are included by our admins to optimize the security of any web apps hosted on our end.
ModSecurity in Dedicated Web Hosting
ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. In the event that a web app doesn't operate adequately, you can either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that may occur, but shall not take any action to prevent it. The logs created in passive or active mode will give you more details about the exact file that was attacked, the nature of the attack and the IP address it came from, etc. This information shall permit you to choose what steps you can take to improve the safety of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security firm we work with, but oftentimes our admins include their own rules too in case they identify a new potential threat.