ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to stop attacks towards script-driven websites by using security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even Internet sites which aren't updated regularly. For instance, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script will trigger particular rules, so ModSecurity will block out these activities the minute it identifies them. The firewall is extremely efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any harm is done. It also maintains an exceptionally comprehensive log of all attack attempts that includes more information than traditional Apache logs, so you can later check out the data and take extra measures to boost the security of your websites if required.
ModSecurity in Cloud Web Hosting
ModSecurity is available with every cloud web hosting plan which we offer and it is switched on by default for any domain or subdomain which you add through your Hepsia CP. In case it disrupts any of your apps or you would like to disable it for some reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with merely a click. You can also enable a passive mode, so the firewall will detect possible attacks and maintain a log, but won't take any action. You could see extensive logs in the exact same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum security of our clients we use a collection of commercial firewall rules blended with custom ones that are added by our system admins.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity as a standard in all semi-dedicated server products, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any website with a click. You shall also be able to activate a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack activated, where it originated from, and so on. The list of rules that we use is frequently updated in order to match any new threats that might appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators include if they find a threat which is not present inside the commercial list yet.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there won't be anything special which you'll have to do to protect your sites. It shall take you simply a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what happens without taking any steps to prevent intrusions. You will be able to look at the logs generated in passive or active mode through the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to handle it, etcetera. We use a mixture of commercial and custom rules so as to ensure that ModSecurity shall stop as many risks as possible, thus enhancing the security of your web applications as much as possible.
ModSecurity in Dedicated Servers
When you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps will be secured right away because ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall easily and if required, you will be able to turn it off or enable its passive mode when it'll only maintain a log of what's occurring without taking any action to prevent possible attacks. The logs that you can find inside the same section of the Control Panel are quite detailed and feature data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data shall permit you to take measures and enhance the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include every time they detect attacks that have not yet been included within the commercial pack.