ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to stop attacks against script-driven Internet sites through the use of security rules which contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and preserve even sites that are not updated frequently. For example, a number of failed login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is extremely efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It also keeps an incredibly thorough log of all attack attempts that features more info than typical Apache logs, so you could later check out the data and take further measures to boost the security of your websites if required.
ModSecurity in Cloud Hosting
ModSecurity is provided with all cloud hosting machines, so if you decide to host your websites with our company, they will be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view detailed logs via your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. Since we take the safety of our clients' Internet sites very seriously, we use a collection of commercial rules which we take from one of the leading firms that maintain this sort of rules. Our admins also add custom rules to make sure that your websites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your Internet sites with us, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains you include through your hosting Control Panel. If needed, you can disable ModSecurity for a certain Internet site or turn on the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to stop possible attacks on your websites. Detailed logs will be accessible within your CP and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ 2 types of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our admins often include to respond to newly identified threats promptly.
ModSecurity in VPS
Safety is very important to us, so we install ModSecurity on all virtual private servers which are made available with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything by hand. You will also be able to deactivate it or switch on the so-called detection mode, so it shall keep a log of potential attacks you can later study, but will not stop them. The logs in both passive and active modes offer info about the kind of the attack and how it was stopped, what IP address it originated from and other important information that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules since from time to time we find specific attacks that aren't yet present in the commercial pack. This way, we could improve the protection of your Virtual private server right away instead of awaiting a certified update.
ModSecurity in Dedicated Hosting
If you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications will be secured right from the start because ModSecurity is supplied with all Hepsia-based solutions. You shall be able to manage the firewall easily and if required, you will be able to turn it off or enable its passive mode when it shall only keep a log of what's going on without taking any action to stop possible attacks. The logs that you'll find within the exact same section of the CP are incredibly detailed and feature details about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so forth. This data shall permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include every time they recognize attacks which have not yet been included within the commercial pack.