ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to stop attacks toward script-driven Internet sites by employing security rules which contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites that aren't updated on a regular basis. For instance, a number of failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block these activities the instant it discovers them. The firewall is extremely efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any harm is done. It additionally keeps an incredibly detailed log of all attack attempts that contains more info than standard Apache logs, so you could later analyze the data and take further measures to improve the security of your sites if required.
ModSecurity in Cloud Website Hosting
ModSecurity comes standard with all cloud website hosting packages that we offer and it shall be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and deactivate it with only a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will include comprehensive info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are constantly updated and comprise of both commercial ones which we get from a third-party security company and custom ones our system administrators include in the event that they detect a new kind of attacks. That way, the websites you host here shall be much more protected without any action required on your end.
ModSecurity in Semi-dedicated Hosting
Any web program that you set up in your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain that you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall will not stop anything, but it shall still keep an archive of possible attacks. This normally requires just a click and you shall be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall employs two groups of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one that our admins update personally in order to respond to recently discovered risks at the earliest opportunity.
ModSecurity in VPS
All virtual private servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the web server, so there won't be anything special which you shall have to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any measures to stop intrusions. You shall be able to look at the logs generated in active or passive mode through the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall used to take care of it, and so on. We employ a mix of commercial and custom rules so as to ensure that ModSecurity shall block as many threats as possible, therefore increasing the protection of your web applications as much as possible.
ModSecurity in Dedicated Hosting
ModSecurity comes with all dedicated servers that are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to use it since it's enabled by default every time you include a new domain or subdomain on your server. If it disrupts some of your applications, you shall be able to stop it through the respective section of Hepsia, or you could leave it working in passive mode, so it shall detect attacks and will still keep a log for them, but won't stop them. You can examine the logs later to determine what you can do to increase the protection of your Internet sites as you shall find information such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules we use are commercial, hence they're constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules every now and then as to react to any new threats they have found.