ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks toward script-driven websites by using security rules that contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which aren't updated often. For example, numerous failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block these activities the instant it detects them. The firewall is incredibly efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also keeps an incredibly detailed log of all attack attempts that features more information than typical Apache logs, so you can later examine the data and take extra measures to enhance the security of your Internet sites if required.
ModSecurity in Hosting
We offer ModSecurity with all hosting solutions, so your Internet apps will be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you will be able to stop it via the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you will discover inside Hepsia are quite detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so on. We use a set of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
Any web app that you install in your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it completely, but you can also enable a passive mode, so the firewall will not stop anything, but it'll still maintain a record of potential attacks. This takes simply a click and you shall be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall employs two sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update personally in order to respond to newly discovered threats immediately.
ModSecurity in VPS Web Hosting
All virtual private servers which are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the server, so there won't be anything special which you will have to do to protect your sites. It will take you simply a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any actions to prevent intrusions. You'll be able to view the logs created in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, etcetera. We employ a mixture of commercial and custom rules in order to make certain that ModSecurity will prevent as many threats as possible, hence boosting the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app which you upload or set up shall be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records details about intrusions, but does not take actions to stop them. What you shall find in the logs can easily allow you to to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this info, you'll be able to see if an Internet site needs an update, if you should block IPs from accessing your hosting server, and so forth. In addition to the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well if they find a new threat that is not yet included in the commercial bundle.