ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to stop attacks against script-driven Internet sites by employing security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even sites that are not updated on a regular basis. For instance, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script will trigger certain rules, so ModSecurity will block these activities the minute it detects them. The firewall is incredibly efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It also keeps a very comprehensive log of all attack attempts that includes more info than traditional Apache logs, so you could later check out the data and take extra measures to enhance the security of your Internet sites if needed.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting plans, so your web apps will be shielded from destructive attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective area of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you'll find inside Hepsia are quite detailed and offer data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We employ a range of commercial rules that are often updated, but sometimes our admins include custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server packages which we offer feature ModSecurity and because the firewall is switched on by default, any Internet site you create under a domain or a subdomain shall be secured right away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to stop and start the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity will not take any action, but it'll still detect possible attacks and will keep all data within a log as if it were completely active. The logs can be found in the same section of the CP and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we use on our web servers are a mix between commercial ones from a security business and custom ones developed by our system administrators. Consequently, we provide greater security for your web applications as we can defend them from attacks before security corporations release updates for completely new threats.
ModSecurity in Dedicated Servers
All of our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any application you upload or install will be properly secured from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will discover in the logs can easily allow you to to secure your sites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this information, you can see whether a site needs an update, whether you need to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too every time they come across a new threat which is not yet included in the commercial bundle.