ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to prevent attacks towards script-driven sites by employing security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even sites which are not updated frequently. For example, a number of failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the instant it identifies them. The firewall is incredibly efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally maintains a very thorough log of all attack attempts that features more info than traditional Apache logs, so you could later analyze the data and take further measures to improve the security of your sites if needed.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting packages which we supply and it will be activated automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and disable it with simply a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will include comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and consist of both commercial ones we get from a third-party security company and custom ones our system admins include in the event that they detect a new sort of attacks. In this way, the websites that you host here shall be way more protected without any action required on your end.
ModSecurity in Semi-dedicated Servers
All semi-dedicated server plans which we offer feature ModSecurity and since the firewall is switched on by default, any site you create under a domain or a subdomain shall be protected right from the start. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to start and stop the firewall for any website or switch on a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still detect possible attacks and shall keep all info in a log as if it were fully active. The logs can be found in the very same section of the CP and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules that we employ on our machines are a mix between commercial ones from a security company and custom ones developed by our system administrators. For that reason, we provide higher security for your web apps as we can defend them from attacks before security businesses release updates for brand new threats.
ModSecurity in VPS Servers
Safety is extremely important to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia CP as a standard. The firewall can be managed via a dedicated section inside Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you won't have to do anything manually. You'll also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of potential attacks that you can later study, but will not block them. The logs in both passive and active modes contain info regarding the kind of the attack and how it was eliminated, what IP address it came from and other important info which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules because every now and then we discover specific attacks that are not yet present in the commercial pack. That way, we could boost the protection of your VPS instantly instead of awaiting an official update.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not need to do anything specific on your end to use it since it is activated by default every time you include a new domain or subdomain on your hosting server. In case it disrupts some of your applications, you'll be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it'll detect attacks and shall still maintain a log for them, but will not block them. You can analyze the logs later to find out what you can do to boost the security of your websites as you shall find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, hence they're constantly updated by a security company, but to be on the safe side, our staff also add custom rules occasionally in order to respond to any new threats they have discovered.