ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks toward script-driven sites by using security rules which contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated regularly. For example, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script will trigger certain rules, so ModSecurity shall block these activities the minute it detects them. The firewall is incredibly efficient as it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore keeps a very detailed log of all attack attempts that features more information than standard Apache logs, so you can later examine the data and take further measures to boost the security of your websites if needed.
ModSecurity in Shared Web Hosting
ModSecurity comes by default with all shared web hosting packages that we supply and it'll be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and deactivate it with just a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites will include in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system administrators add in the event that they detect a new kind of attacks. This way, the websites that you host here shall be far more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you choose to host your Internet sites with us, there shall not be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains that you add via your hosting CP. If necessary, you'll be able to disable ModSecurity for a certain Internet site or turn on the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to stop possible attacks on your websites. Comprehensive logs will be accessible in your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our admins sometimes add to respond to newly discovered threats promptly.
ModSecurity in VPS Servers
Protection is of the utmost importance to us, so we set up ModSecurity on all VPS servers that are provided with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything personally. You will also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of potential attacks that you can later analyze, but will not stop them. The logs in both passive and active modes contain details about the type of the attack and how it was stopped, what IP address it came from and other useful info that may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules as from time to time we identify specific attacks which aren't yet present within the commercial package. This way, we can easily enhance the security of your VPS in a timely manner as opposed to waiting for an official update.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it because it's turned on by default every time you add a new domain or subdomain on your server. In the event that it interferes with some of your apps, you will be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it will identify attacks and shall still keep a log for them, but shall not prevent them. You may analyze the logs later to determine what you can do to improve the protection of your Internet sites since you shall find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, etc. The rules which we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our administrators also include custom rules occasionally in order to respond to any new threats they have found.