ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to stop attacks toward script-driven websites by employing security rules that contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and protect even Internet sites which aren't updated regularly. As an example, several failed login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block these activities the second it discovers them. The firewall is very efficient since it monitors the entire HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore keeps an exceptionally detailed log of all attack attempts which features more information than traditional Apache logs, so you could later check out the data and take extra measures to boost the security of your websites if necessary.
ModSecurity in Shared Web Hosting
ModSecurity comes by default with all shared web hosting packages that we provide and it'll be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with just a click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites shall contain detailed information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are frequently updated and incorporate both commercial ones we get from a third-party security company and custom ones our system admins add in the event that they detect a new type of attacks. That way, the websites you host here will be way more protected without any action needed on your end.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity as a standard within all semi-dedicated hosting products, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to activate or turn off the firewall for any website with a mouse click. You shall also have the ability to switch on a passive detection mode with which ModSecurity will keep a log of possible attacks without actually preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so on. The list of rules that we employ is frequently updated in order to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our admins include in case they find a threat that is not present in the commercial list yet.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web applications will be protected from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a mouse click through the corresponding section of Hepsia. You can also set it to operate in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to stop them. The logs can be found inside the same section and offer information about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we employ not simply commercial rules from a business operating in the field of web security, but also custom ones which our administrators include manually so as to react to new threats that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or install will be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll see in the logs can easily enable you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this data, you could see if a website needs an update, whether you should block IPs from accessing your server, and so forth. On top of the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well whenever they find a new threat that is not yet included in the commercial bundle.