ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks towards script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites that aren't updated regularly. For instance, several unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity will block these activities the instant it detects them. The firewall is extremely efficient as it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore maintains an incredibly detailed log of all attack attempts that contains more info than typical Apache logs, so you can later check out the data and take extra measures to boost the security of your Internet sites if required.
ModSecurity in Website Hosting
We offer ModSecurity with all website hosting solutions, so your Internet apps will be protected against malicious attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find inside Hepsia are incredibly detailed and offer info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We employ a group of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well so as to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard within all semi-dedicated server packages, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any website with a mouse click. You will also have the ability to switch on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without really stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack generated, where it came from, etcetera. The list of rules we employ is constantly updated as to match any new risks which could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our admins add if they find a threat that's not present in the commercial list yet.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers which we offer and it will be turned on automatically for every new domain or subdomain you add on the web server. In this way, any web app which you install will be secured right away without doing anything by hand on your end. The firewall can be handled through the section of the CP that has the same name. This is the area in whichyou can switch off ModSecurity or activate its passive mode, so it won't take any action toward threats, but shall still maintain a comprehensive log. The recorded information is available within the same section as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we employ on our servers are a mixture between commercial ones which we obtain from a security firm and custom ones which are added by our staff to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it is activated by default each time you include a new domain or subdomain on your server. In the event that it disrupts some of your apps, you'll be able to stop it via the respective section of Hepsia, or you may leave it working in passive mode, so it'll recognize attacks and shall still keep a log for them, but shall not prevent them. You'll be able to examine the logs later to determine what you can do to increase the security of your Internet sites since you shall find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules that we employ are commercial, thus they're frequently updated by a security firm, but to be on the safe side, our administrators also include custom rules every now and then as to react to any new threats they have identified.