ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks towards script-driven sites by using security rules that contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even websites which are not updated often. For instance, a number of failed login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is quite efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts that features more information than conventional Apache logs, so you can later analyze the data and take further measures to increase the security of your websites if needed.
ModSecurity in Cloud Hosting
ModSecurity is offered with every cloud hosting plan which we provide and it is switched on by default for any domain or subdomain that you include through your Hepsia Control Panel. If it interferes with any of your apps or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with simply a mouse click. You can also activate a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You could see extensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum protection of our clients we use a set of commercial firewall rules combined with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting packages and if you opt to host your websites with our company, there will not be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains that you include through your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall shall still function and record info, but won't do anything to stop possible attacks against your sites. In depth logs shall be available within your Control Panel and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, etc. We use 2 types of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our admins sometimes add to respond to newly discovered risks promptly.
ModSecurity in Dedicated Hosting
All of our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any app that you upload or install shall be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you'll see in the logs can easily enable you to to secure your websites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so forth. With this data, you could see whether a site needs an update, whether you ought to block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity that we use, our admins include custom ones as well every time they discover a new threat that's not yet in the commercial bundle.