ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to prevent attacks towards script-driven Internet sites through the use of security rules which contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and preserve even websites which aren't updated frequently. For instance, numerous unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity will stop these activities the moment it detects them. The firewall is extremely efficient as it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also maintains a very detailed log of all attack attempts that includes more information than conventional Apache logs, so you could later check out the data and take extra measures to enhance the security of your Internet sites if needed.
ModSecurity in Cloud Website Hosting
ModSecurity comes standard with all cloud website hosting solutions that we supply and it'll be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and disable it with just a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites will include detailed information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are regularly updated and consist of both commercial ones that we get from a third-party security company and custom ones that our system admins add in the event that they detect a new type of attacks. This way, the Internet sites that you host here will be a lot more secure without any action required on your end.
ModSecurity in Semi-dedicated Servers
Any web app which you install in your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting plans and is activated by default for any domain and subdomain you include or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not only can you activate or deactivate it completely, but you could also activate a passive mode, so the firewall will not stop anything, but it will still keep a record of potential attacks. This requires just a mouse click and you shall be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, etc. The firewall uses 2 sets of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally in order to respond to recently discovered threats as quickly as possible.
ModSecurity in VPS Servers
Security is of the utmost importance to us, so we install ModSecurity on all VPS servers that are made available with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you won't have to do anything by hand. You will also be able to deactivate it or turn on the so-called detection mode, so it'll keep a log of possible attacks which you can later analyze, but will not stop them. The logs in both passive and active modes include info regarding the type of the attack and how it was eliminated, what IP address it originated from and other useful information which may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules since from time to time we discover specific attacks that are not yet present inside the commercial package. That way, we can easily improve the security of your VPS instantly instead of awaiting a certified update.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers which are set up with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it is turned on by default whenever you add a new domain or subdomain on your web server. If it disrupts any of your apps, you will be able to stop it through the respective part of Hepsia, or you can leave it operating in passive mode, so it'll recognize attacks and will still keep a log for them, but will not block them. You may look at the logs later to find out what you can do to boost the safety of your sites as you'll find info such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, and so forth. The rules we use are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our staff also include custom rules once in a while as to deal with any new threats they have discovered.