ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to stop attacks toward script-driven websites by employing security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and preserve even websites that are not updated on a regular basis. For example, numerous failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the moment it detects them. The firewall is quite efficient because it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It additionally maintains an exceptionally comprehensive log of all attack attempts which contains more info than typical Apache logs, so you can later analyze the data and take extra measures to improve the security of your Internet sites if required.
ModSecurity in Shared Hosting
ModSecurity can be found with every single shared hosting solution which we provide and it's activated by default for every domain or subdomain which you add via your Hepsia CP. In case it disrupts any of your programs or you would like to disable it for some reason, you will be able to accomplish that through the ModSecurity area of Hepsia with just a mouse click. You may also use a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You can view comprehensive logs in the exact same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For max security of our clients we use a group of commercial firewall rules mixed with custom ones which are added by our system admins.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server solutions and if you choose to host your Internet sites with our company, there shall not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains that you add using your hosting Control Panel. If required, you'll be able to disable ModSecurity for a particular site or switch on the so-called detection mode in which case the firewall shall still work and record information, but shall not do anything to prevent potential attacks on your sites. Detailed logs will be available in your CP and you'll be able to see what sort of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our administrators often add to respond to newly identified threats on time.
ModSecurity in VPS Servers
Safety is vital to us, so we set up ModSecurity on all VPS servers which are provided with the Hepsia CP by default. The firewall can be managed through a dedicated section within Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you'll not need to do anything manually. You will also be able to deactivate it or turn on the so-called detection mode, so it'll maintain a log of potential attacks you can later examine, but will not block them. The logs in both passive and active modes include information regarding the kind of the attack and how it was eliminated, what IP address it came from and other important information which might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules because once in a while we find specific attacks that are not yet present inside the commercial pack. This way, we can easily increase the security of your Virtual private server instantly as opposed to awaiting an official update.
ModSecurity in Dedicated Servers
All of our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any application you upload or install will be protected from the very beginning and you won't need to bother about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily help you to secure your sites better - the IP an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this information, you could see whether a website needs an update, if you ought to block IPs from accessing your web server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones too whenever they come across a new threat which is not yet included in the commercial bundle.