ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks towards script-driven sites through the use of security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites that aren't updated often. For example, numerous failed login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the second it identifies them. The firewall is very efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also keeps an exceptionally detailed log of all attack attempts that contains more information than traditional Apache logs, so you could later examine the data and take further measures to increase the security of your sites if necessary.
ModSecurity in Cloud Web Hosting
ModSecurity is supplied with all cloud web hosting servers, so if you choose to host your websites with our firm, they shall be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You'll be able to view specific logs via your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our customers' Internet sites very seriously, we use a set of commercial rules that we take from one of the best firms that maintain such rules. Our administrators also include custom rules to make certain that your sites will be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
Any web app you set up within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain that you add or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section in Hepsia where not only can you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall will not block anything, but it'll still maintain an archive of possible attacks. This takes just a mouse click and you'll be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one that our admins update manually in order to respond to newly discovered threats at the earliest opportunity.
ModSecurity in VPS Hosting
ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it will be turned on automatically for every new domain or subdomain that you add on the machine. That way, any web application that you install will be secured right away without doing anything by hand on your end. The firewall could be managed via the section of the Control Panel that has the same name. This is the place in whichyou could turn off ModSecurity or activate its passive mode, so it won't take any action toward threats, but will still keep a thorough log. The recorded info is available within the same section as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we employ on our servers are a combination between commercial ones which we get from a security organization and custom ones that are included by our administrators to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Web Hosting
When you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web applications will be secured immediately because ModSecurity is supplied with all Hepsia-based plans. You'll be able to manage the firewall effortlessly and if necessary, you will be able to turn it off or enable its passive mode when it will only keep a log of what is happening without taking any action to prevent potential attacks. The logs which you'll find inside the very same section of the Control Panel are extremely detailed and feature information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so forth. This data will enable you to take measures and increase the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our admins add every time they recognize attacks which haven't yet been included in the commercial pack.