ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to stop attacks towards script-driven sites by employing security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and shield even sites that aren't updated frequently. For example, numerous failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the second it detects them. The firewall is very efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally keeps an incredibly detailed log of all attack attempts that includes more info than conventional Apache logs, so you could later examine the data and take extra measures to improve the security of your websites if needed.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting plans, so your Internet apps will be protected against harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you will be able to stop it via the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find within Hepsia are very detailed and feature information about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, and so forth. We use a range of commercial rules that are often updated, but sometimes our admins add custom rules as well in order to better protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans which we offer feature ModSecurity and given that the firewall is enabled by default, any website you create under a domain or a subdomain will be protected straight away. An independent section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any site or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still identify possible attacks and will keep all data within a log as if it were fully active. The logs can be found inside the very same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we use on our servers are a mix between commercial ones from a security company and custom ones made by our system admins. For that reason, we offer increased security for your web programs as we can defend them from attacks before security companies release updates for new threats.
ModSecurity in VPS Web Hosting
ModSecurity comes with all Hepsia-based virtual private servers we offer and it will be switched on automatically for any new domain or subdomain which you add on the machine. In this way, any web app which you install will be protected right away without doing anything by hand on your end. The firewall may be managed through the section of the Control Panel that bears the same name. This is the place in whichyou'll be able to turn off ModSecurity or let its passive mode, so it shall not take any action against threats, but will still keep a thorough log. The recorded info is available in the same section as well and you'll be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a combination between commercial ones which we get from a security organization and custom ones that are included by our staff to maximize the security of any web apps hosted on our end.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers which are set up with the Hepsia hosting Control Panel feature ModSecurity, so any program that you upload or install will be protected from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you will discover in the logs shall help you to secure your Internet sites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this data, you can see whether a website needs an update, whether you need to block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well every time they find a new threat that's not yet a part of the commercial bundle.