ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to prevent attacks towards script-driven sites by employing security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and preserve even sites that are not updated on a regular basis. For instance, multiple failed login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity shall stop these activities the instant it discovers them. The firewall is extremely efficient because it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It also maintains an incredibly detailed log of all attack attempts which contains more info than conventional Apache logs, so you can later analyze the data and take additional measures to enhance the security of your Internet sites if needed.
ModSecurity in Cloud Website Hosting
ModSecurity is supplied with all cloud website hosting
servers, so if you opt to host your sites with our business, they will be shielded from an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our customers' sites seriously, we use a set of commercial rules that we take from one of the leading companies which maintain this kind of rules. Our admins also add custom rules to ensure that your sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Hosting
We've included ModSecurity as a standard within all semi-dedicated hosting
plans, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any site with a mouse click. You shall also be able to switch on a passive detection mode in which ModSecurity shall keep a log of possible attacks without actually preventing them. The detailed logs include the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so on. The list of rules which we use is regularly updated as to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our admins add in case they discover a threat that's not present in the commercial list yet.
ModSecurity in VPS Hosting
ModSecurity is included with all Hepsia-based virtual private servers
which we offer and it'll be turned on automatically for every new domain or subdomain that you include on the machine. In this way, any web application you install shall be protected immediately without doing anything manually on your end. The firewall may be managed from the section of the CP which has the same name. This is the location in whichyou'll be able to turn off ModSecurity or activate its passive mode, so it shall not take any action against threats, but shall still maintain a thorough log. The recorded info is available inside the same section as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a mixture between commercial ones we get from a security organization and custom ones which are added by our admins to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
When you opt to host your sites on a dedicated server
with the Hepsia Control Panel, your web applications shall be protected right away since ModSecurity is supplied with all Hepsia-based solutions. You will be able to control the firewall effortlessly and if needed, you'll be able to turn it off or activate its passive mode when it'll only maintain a log of what's happening without taking any action to stop potential attacks. The logs that you can find within the exact same section of the CP are very detailed and include data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etc. This information shall permit you to take measures and improve the protection of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators include every time they detect attacks which haven't yet been included within the commercial pack.