ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to stop attacks toward script-driven sites by using security rules which contain certain expressions. In this way, the firewall can block hacking and spamming attempts and protect even Internet sites which aren't updated frequently. For example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger specific rules, so ModSecurity will block out these activities the second it discovers them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It additionally keeps an exceptionally thorough log of all attack attempts that features more info than conventional Apache logs, so you could later examine the data and take additional measures to improve the security of your Internet sites if required.
ModSecurity in Hosting
We offer ModSecurity with all hosting solutions, so your web apps shall be resistant to destructive attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective section of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll find in Hepsia are very detailed and offer information about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, and so forth. We use a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our machines.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your sites with us, there shall not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains that you add through your hosting CP. If necessary, you can disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall will still function and record info, but won't do anything to stop potential attacks against your websites. In depth logs will be available within your CP and you will be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etc. We employ 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones which our administrators often add to respond to newly identified risks on time.
ModSecurity in VPS Servers
Security is extremely important to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia Control Panel by default. The firewall could be managed via a dedicated section in Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you will not have to do anything by hand. You will also be able to disable it or turn on the so-called detection mode, so it'll maintain a log of potential attacks you can later analyze, but will not block them. The logs in both passive and active modes offer information about the form of the attack and how it was prevented, what IP address it came from and other valuable data that could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules as once in a while we identify specific attacks which aren't yet present in the commercial pack. That way, we can boost the protection of your VPS immediately rather than waiting for a certified update.
ModSecurity in Dedicated Servers
When you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be protected immediately because ModSecurity is supplied with all Hepsia-based packages. You will be able to regulate the firewall effortlessly and if needed, you shall be able to turn it off or switch on its passive mode when it will only keep a log of what is occurring without taking any action to prevent possible attacks. The logs which you will find within the exact same section of the CP are extremely detailed and feature details about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etcetera. This data will allow you to take measures and enhance the security of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff add when they recognize attacks that have not yet been included within the commercial pack.