ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks toward script-driven sites by using security rules that contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even websites which aren't updated on a regular basis. For instance, numerous failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the instant it detects them. The firewall is very efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps an exceptionally detailed log of all attack attempts that features more info than traditional Apache logs, so you can later examine the data and take further measures to enhance the security of your websites if necessary.
ModSecurity in Shared Hosting
ModSecurity is offered with every single shared hosting package which we offer and it's activated by default for every domain or subdomain which you add through your Hepsia CP. In the event that it disrupts any of your apps or you would like to disable it for whatever reason, you shall be able to do that through the ModSecurity area of Hepsia with only a mouse click. You could also enable a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You can view detailed logs in the exact same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For max protection of our clients we use a set of commercial firewall rules blended with custom ones that are included by our system administrators.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you decide to host your sites with us, there will not be anything special you will have to do as the firewall is activated by default for all domains and subdomains you include via your hosting Control Panel. If necessary, you could disable ModSecurity for a given site or turn on the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to stop possible attacks against your Internet sites. Comprehensive logs shall be readily available inside your CP and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We use two sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our admins sometimes add to respond to newly identified threats on time.
ModSecurity in VPS Servers
All VPS servers which are set up with the Hepsia Control Panel feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the web server, so there will not be anything special that you will have to do to protect your Internet sites. It will take you just a click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any measures to stop intrusions. You'll be able to look at the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to handle it, etcetera. We employ a mix of commercial and custom rules in order to ensure that ModSecurity shall stop as many threats as possible, therefore improving the protection of your web apps as much as possible.
ModSecurity in Dedicated Servers
If you opt to host your websites on a dedicated server with the Hepsia CP, your web programs will be protected straight away since ModSecurity is available with all Hepsia-based solutions. You will be able to manage the firewall easily and if necessary, you'll be able to turn it off or enable its passive mode when it'll only maintain a log of what is going on without taking any action to prevent possible attacks. The logs that you'll find in the very same section of the CP are very detailed and include information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, etcetera. This info will enable you to take measures and increase the protection of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include whenever they detect attacks which haven't yet been included in the commercial pack.