ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to prevent attacks towards script-driven sites by using security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and preserve even sites which are not updated on a regular basis. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the minute it discovers them. The firewall is extremely efficient because it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore keeps a very detailed log of all attack attempts which includes more info than conventional Apache logs, so you could later examine the data and take extra measures to improve the security of your Internet sites if needed.
ModSecurity in Shared Web Hosting
ModSecurity is offered with every shared web hosting
plan which we offer and it's turned on by default for every domain or subdomain that you include via your Hepsia Control Panel. If it interferes with any of your programs or you'd like to disable it for some reason, you will be able to achieve that through the ModSecurity area of Hepsia with only a mouse click. You could also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You can see detailed logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max security of our customers we use a set of commercial firewall rules mixed with custom ones which are provided by our system administrators.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity by default inside all semi-dedicated server
products, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to activate or disable the firewall for any website with a click. You shall also be able to switch on a passive detection mode with which ModSecurity shall keep a log of potential attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack activated, where it came from, and so on. The list of rules we use is regularly updated as to match any new risks that may appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones that our administrators include in the event that they find a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers
which are provided with the Hepsia hosting CP, so your web applications shall be secured from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can deactivate it with a click from the corresponding section of Hepsia. You can also set it to work in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and include info about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For best security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones that our administrators include personally so as to react to new risks which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Servers
All our dedicated servers
that are installed with the Hepsia hosting Control Panel include ModSecurity, so any application you upload or install shall be properly secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you'll find in the logs shall enable you to to secure your websites better - the IP address an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this info, you could see if a website needs an update, if you need to block IPs from accessing your hosting server, and so on. Besides the third-party commercial security rules for ModSecurity that we use, our admins include custom ones too if they discover a new threat that's not yet a part of the commercial bundle.