ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks towards script-driven websites through the use of security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even sites which aren't updated regularly. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is extremely efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts that includes more information than conventional Apache logs, so you can later analyze the data and take further measures to increase the security of your websites if required.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting solutions, so your web applications shall be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you will be able to stop it using the respective area of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find within Hepsia are very detailed and include information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so forth. We use a range of commercial rules which are regularly updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you opt to host your sites with us, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains which you add via your hosting Control Panel. If required, you could disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall will still operate and record data, but won't do anything to stop possible attacks against your websites. Thorough logs shall be readily available inside your CP and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etcetera. We employ 2 kinds of rules on our servers - commercial ones from a company that operates in the field of web security, and custom made ones that our admins occasionally add to respond to newly identified risks in a timely manner.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the server, so there shall not be anything special which you shall have to do to protect your Internet sites. It shall take you only a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You shall be able to see the logs generated in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, etc. We employ a mix of commercial and custom rules in order to make sure that ModSecurity will block out as many risks as possible, consequently enhancing the protection of your web programs as much as possible.
ModSecurity in Dedicated Servers
If you decide to host your sites on a dedicated server with the Hepsia CP, your web applications shall be secured right away since ModSecurity is provided with all Hepsia-based solutions. You will be able to manage the firewall without difficulty and if required, you shall be able to turn it off or switch on its passive mode when it'll only keep a log of what is going on without taking any action to prevent potential attacks. The logs which you'll find within the very same section of the CP are quite detailed and feature details about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This information shall permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators include every time they detect attacks that haven't yet been included inside the commercial pack.