ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks towards script-driven sites by employing security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites that are not updated regularly. As an example, numerous unsuccessful login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script will trigger specific rules, so ModSecurity shall stop these activities the instant it identifies them. The firewall is quite efficient because it tracks the whole HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an exceptionally thorough log of all attack attempts which includes more information than standard Apache logs, so you could later examine the data and take further measures to improve the security of your sites if needed.
ModSecurity in Hosting
ModSecurity is available with every hosting solution that we provide and it's switched on by default for any domain or subdomain that you add through your Hepsia Control Panel. In case it disrupts any of your applications or you'd like to disable it for some reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with just a mouse click. You can also enable a passive mode, so the firewall will discover possible attacks and keep a log, but shall not take any action. You could see extensive logs in the very same section, including the IP address where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum security of our customers we use a collection of commercial firewall rules blended with custom ones that are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans that we offer come with ModSecurity and since the firewall is switched on by default, any site that you set up under a domain or a subdomain shall be secured straight away. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any website or activate a detection mode. With the latter, ModSecurity shall not take any action, but it will still detect possible attacks and will keep all data inside a log as if it were completely active. The logs can be found within the exact same section of the CP and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our web servers are a mix between commercial ones from a security company and custom ones made by our system admins. As a result, we offer greater security for your web applications as we can protect them from attacks before security corporations release updates for brand new threats.
ModSecurity in VPS Servers
Safety is essential to us, so we set up ModSecurity on all VPS servers which are provided with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section inside Hepsia and is activated automatically when you include a new domain or create a subdomain, so you won't have to do anything manually. You will also be able to disable it or activate the so-called detection mode, so it shall maintain a log of potential attacks that you can later examine, but will not block them. The logs in both passive and active modes offer info regarding the type of the attack and how it was eliminated, what IP it originated from and other important data that might help you to tighten the security of your sites by updating them or blocking IPs, as an example. On top of the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules because occasionally we identify specific attacks which aren't yet present inside the commercial group. That way, we can increase the security of your VPS promptly instead of waiting for an official update.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it because it is switched on by default each time you add a new domain or subdomain on your web server. In case it disrupts some of your apps, you'll be able to stop it through the respective area of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and shall still maintain a log for them, but will not prevent them. You can look at the logs later to learn what you can do to increase the safety of your websites as you'll find information such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules we use are commercial, hence they're frequently updated by a security firm, but to be on the safe side, our staff also add custom rules every now and then in order to respond to any new threats they have found.