ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to prevent attacks against script-driven Internet sites by employing security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and preserve even Internet sites that aren't updated regularly. For instance, several failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block these activities the second it detects them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It additionally keeps a very thorough log of all attack attempts which features more info than typical Apache logs, so you could later analyze the data and take extra measures to increase the security of your Internet sites if necessary.
ModSecurity in Cloud Hosting
ModSecurity is available with every cloud hosting
plan that we provide and it is turned on by default for every domain or subdomain that you add through your Hepsia CP. In case it interferes with any of your applications or you'd like to disable it for whatever reason, you will be able to achieve that through the ModSecurity section of Hepsia with simply a mouse click. You could also use a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You'll be able to view detailed logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum safety of our clients we use a group of commercial firewall rules combined with custom ones that are added by our system admins.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard within all semi-dedicated server
plans, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any website with a click. You shall also have the ability to switch on a passive detection mode in which ModSecurity shall keep a log of possible attacks without really preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack caused, where it came from, and so on. The list of rules that we employ is frequently updated as to match any new risks which could appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our admins add in case they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers
which we offer and it shall be activated automatically for any new domain or subdomain you include on the server. In this way, any web app that you install shall be protected immediately without doing anything by hand on your end. The firewall could be managed via the section of the CP that bears the same name. This is the area whereyou could switch off ModSecurity or activate its passive mode, so it won't take any action towards threats, but will still keep a thorough log. The recorded info is available in the same area as well and you'll be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we use on our servers are a mixture between commercial ones that we get from a security firm and custom ones that are included by our admins to optimize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity comes with all dedicated servers
which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it since it's switched on by default each time you include a new domain or subdomain on your hosting server. In the event that it disrupts any of your apps, you'll be able to stop it via the respective area of Hepsia, or you may leave it in passive mode, so it will recognize attacks and shall still maintain a log for them, but will not prevent them. You could examine the logs later to determine what you can do to enhance the safety of your sites as you shall find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules we employ are commercial, hence they're constantly updated by a security provider, but to be on the safe side, our admins also add custom rules every now and then in order to respond to any new threats they have found.