ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to prevent attacks towards script-driven Internet sites by employing security rules that contain specific expressions. In this way, the firewall can block hacking and spamming attempts and preserve even sites that are not updated often. For example, multiple unsuccessful login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the minute it discovers them. The firewall is quite efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It additionally keeps a very thorough log of all attack attempts which contains more information than standard Apache logs, so you can later examine the data and take extra measures to improve the security of your sites if necessary.
ModSecurity in Shared Hosting
ModSecurity is provided with all shared hosting machines, so when you choose to host your sites with our business, they'll be shielded from a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you'll need to do on your end. You will be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view specific logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our customers' websites very seriously, we employ a collection of commercial rules that we take from one of the top companies that maintain such rules. Our administrators also add custom rules to ensure that your websites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Hosting
Any web app which you install in your new semi-dedicated hosting account will be protected by ModSecurity as the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain you include or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not simply could you activate or deactivate it completely, but you may also enable a passive mode, so the firewall won't stop anything, but it will still keep an archive of possible attacks. This requires only a mouse click and you shall be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, and so forth. The firewall uses two groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one which our administrators update manually as to respond to newly discovered threats at the earliest opportunity.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web apps will be secured from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You can also set it to work in detection mode, so it shall keep an extensive log of any possible attacks without taking any action to stop them. The logs are available in the same section and provide information about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For maximum security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones that our admins add manually in order to react to new risks that are still not addressed in the commercial rules.
ModSecurity in Dedicated Web Hosting
If you choose to host your websites on a dedicated server with the Hepsia CP, your web applications will be protected straight away as ModSecurity is supplied with all Hepsia-based solutions. You shall be able to regulate the firewall effortlessly and if necessary, you'll be able to turn it off or activate its passive mode when it'll only keep a log of what is taking place without taking any action to prevent potential attacks. The logs that you will find inside the exact same section of the Control Panel are quite detailed and feature data about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This info shall enable you to take measures and increase the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff include whenever they detect attacks which haven't yet been included within the commercial pack.