ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks towards script-driven sites through the use of security rules that contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and preserve even websites that are not updated often. As an example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the second it identifies them. The firewall is incredibly efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It also maintains an exceptionally detailed log of all attack attempts that contains more information than conventional Apache logs, so you could later analyze the data and take extra measures to enhance the security of your websites if necessary.
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all cloud website hosting solutions, so your Internet applications shall be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you shall discover inside Hepsia are very detailed and feature info about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, etcetera. We use a range of commercial rules that are frequently updated, but sometimes our admins add custom rules as well in order to better protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages which we offer feature ModSecurity and since the firewall is turned on by default, any Internet site that you create under a domain or a subdomain shall be protected straight away. An individual section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it'll still identify possible attacks and will keep all information in a log as if it were fully active. The logs could be found within the exact same section of the CP and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we use on our web servers are a mix of commercial ones from a security business and custom ones developed by our system administrators. Therefore, we provide increased security for your web apps as we can defend them from attacks before security firms release updates for completely new threats.
ModSecurity in VPS Servers
All VPS servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the server, so there won't be anything special that you will have to do to protect your websites. It'll take you only a click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any steps to stop intrusions. You'll be able to look at the logs created in passive or active mode from the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to deal with it, and so forth. We use a mix of commercial and custom rules so as to make certain that ModSecurity shall stop as many threats as possible, thus boosting the security of your web programs as much as possible.
ModSecurity in Dedicated Servers
If you choose to host your websites on a dedicated server with the Hepsia CP, your web programs will be protected immediately since ModSecurity is available with all Hepsia-based plans. You shall be able to manage the firewall effortlessly and if needed, you'll be able to turn it off or enable its passive mode when it will only maintain a log of what is happening without taking any action to stop possible attacks. The logs which you'll find within the exact same section of the Control Panel are incredibly detailed and feature information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etcetera. This information will permit you to take measures and increase the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff include when they identify attacks which haven't yet been included in the commercial pack.