ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks toward script-driven sites by employing security rules that contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even Internet sites which are not updated frequently. As an example, numerous failed login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script will trigger certain rules, so ModSecurity will block these activities the moment it discovers them. The firewall is very efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore maintains an exceptionally thorough log of all attack attempts that contains more information than conventional Apache logs, so you can later analyze the data and take further measures to increase the security of your Internet sites if needed.
ModSecurity in Cloud Web Hosting
ModSecurity can be found with every single cloud web hosting solution that we provide and it is turned on by default for any domain or subdomain that you include via your Hepsia CP. If it interferes with any of your apps or you'd like to disable it for any reason, you'll be able to achieve that through the ModSecurity area of Hepsia with only a mouse click. You can also enable a passive mode, so the firewall will detect potential attacks and keep a log, but shall not take any action. You could view comprehensive logs in the very same section, including the IP address where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so on. For optimum security of our customers we use a set of commercial firewall rules combined with custom ones which are added by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web program which you set up within your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not simply can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall shall not stop anything, but it will still maintain a record of potential attacks. This takes simply a mouse click and you will be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses 2 sets of rules on our servers - a commercial one that we get from a third-party web security company and a custom one which our administrators update personally as to respond to recently discovered risks as quickly as possible.
ModSecurity in Dedicated Web Hosting
All of our dedicated servers which are set up with the Hepsia hosting CP feature ModSecurity, so any app that you upload or set up will be secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you'll discover in the logs can enable you to to secure your sites better - the IP address an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this information, you can see if a website needs an update, if you should block IPs from accessing your server, etcetera. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well whenever they discover a new threat that's not yet included in the commercial bundle.