ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks against script-driven Internet sites by using security rules that contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even sites that are not updated regularly. As an example, numerous failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the minute it identifies them. The firewall is incredibly efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It furthermore maintains an incredibly detailed log of all attack attempts which features more info than standard Apache logs, so you can later examine the data and take extra measures to increase the security of your Internet sites if needed.
ModSecurity in Cloud Hosting
ModSecurity is supplied with all cloud hosting web servers, so if you decide to host your sites with our organization, they'll be protected against a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You will be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view detailed logs using your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our customers' websites seriously, we employ a set of commercial rules that we take from one of the leading companies which maintain this sort of rules. Our administrators also add custom rules to make sure that your Internet sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server solutions that we offer include ModSecurity and because the firewall is switched on by default, any website that you build under a domain or a subdomain shall be secured right from the start. An independent section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still recognize possible attacks and shall keep all data in a log as if it were completely active. The logs can be found inside the exact same section of the Control Panel and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we employ on our servers are a mix between commercial ones from a security firm and custom ones made by our system admins. Consequently, we offer increased security for your web applications as we can defend them from attacks even before security corporations release updates for new threats.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web apps will be secured from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you could disable it with a click of your mouse from the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available in the exact same section and provide info about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones which our admins add manually so as to respond to new threats that are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. Just in case that a web app doesn't operate correctly, you could either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which could happen, but shall not take any action to prevent it. The logs produced in passive or active mode shall give you additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, etcetera. This information shall enable you to choose what steps you can take to improve the security of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated frequently with a commercial bundle from a third-party security provider we work with, but occasionally our administrators add their own rules too when they identify a new potential threat.