ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks towards script-driven Internet sites by employing security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and shield even Internet sites that aren't updated on a regular basis. For example, numerous failed login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is very efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any damage is done. It additionally maintains an exceptionally thorough log of all attack attempts that contains more info than typical Apache logs, so you can later check out the data and take additional measures to improve the security of your Internet sites if needed.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting packages, so your web applications will be resistant to malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you will be able to stop it via the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you shall discover in Hepsia are very detailed and include info about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are often updated, but sometimes our admins include custom rules as well in order to efficiently protect the Internet sites hosted on our servers.
ModSecurity in Semi-dedicated Hosting
We have included ModSecurity as a standard in all semi-dedicated hosting packages, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any site with a click. You shall also have the ability to activate a passive detection mode in which ModSecurity shall maintain a log of potential attacks without actually stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, etcetera. The list of rules which we use is frequently updated as to match any new threats that may appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones that our administrators include in the event that they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS
Safety is essential to us, so we set up ModSecurity on all virtual private servers that are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you'll not have to do anything by hand. You shall also be able to deactivate it or turn on the so-called detection mode, so it shall maintain a log of potential attacks you can later analyze, but won't block them. The logs in both passive and active modes contain details about the form of the attack and how it was eliminated, what IP it came from and other valuable info which may help you to tighten the security of your sites by updating them or blocking IPs, as an example. In addition to the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules because from time to time we detect specific attacks that are not yet present in the commercial package. This way, we could improve the protection of your Virtual private server promptly rather than waiting for a certified update.
ModSecurity in Dedicated Hosting
When you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web programs shall be secured right from the start as ModSecurity is supplied with all Hepsia-based packages. You shall be able to manage the firewall with ease and if required, you'll be able to turn it off or enable its passive mode when it'll only maintain a log of what's occurring without taking any action to stop possible attacks. The logs that you will find inside the exact same section of the CP are quite detailed and contain information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This data will allow you to take measures and improve the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators add every time they identify attacks that haven't yet been included in the commercial pack.