ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to stop attacks toward script-driven Internet sites by employing security rules that contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and protect even sites that are not updated on a regular basis. As an example, numerous failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will block these activities the moment it detects them. The firewall is incredibly efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It additionally maintains an incredibly thorough log of all attack attempts that includes more information than standard Apache logs, so you can later analyze the data and take further measures to improve the security of your Internet sites if needed.
ModSecurity in Hosting
ModSecurity is supplied with all hosting servers, so when you decide to host your Internet sites with our business, they will be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you will have to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs via your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our customers' Internet sites seriously, we use a group of commercial rules which we get from one of the top companies which maintain this sort of rules. Our administrators also add custom rules to make sure that your websites shall be protected against as many threats as possible.
ModSecurity in Semi-dedicated Servers
Any web application that you install within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain you add or create through your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area in Hepsia where not simply can you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall shall not block anything, but it'll still keep an archive of possible attacks. This requires only a mouse click and you will be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs two groups of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our admins update personally as to respond to newly discovered threats as fast as possible.
ModSecurity in VPS Servers
ModSecurity is included with all Hepsia-based VPS servers we offer and it will be activated automatically for any new domain or subdomain which you add on the machine. That way, any web app you install will be protected from the very beginning without doing anything personally on your end. The firewall can be managed from the section of the Control Panel which has the same name. This is the location whereyou can disable ModSecurity or enable its passive mode, so it won't take any action against threats, but shall still keep a comprehensive log. The recorded information is available within the same section as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we employ on our servers are a combination between commercial ones that we get from a security company and custom ones which are included by our admins to enhance the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. Just in case that a web app does not function adequately, you could either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may occur, but will not take any action to prevent it. The logs produced in passive or active mode will offer you more details about the exact file that was attacked, the nature of the attack and the IP it originated from, etcetera. This information will permit you to decide what measures you can take to enhance the protection of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial package from a third-party security company we work with, but from time to time our admins include their own rules too when they discover a new potential threat.