ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks toward script-driven websites by using security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites that aren't updated on a regular basis. For example, several unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is quite efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It additionally keeps an exceptionally detailed log of all attack attempts which includes more information than standard Apache logs, so you could later check out the data and take extra measures to enhance the security of your websites if necessary.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting packages that we offer and it will be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with just a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites will include detailed info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and incorporate both commercial ones which we get from a third-party security firm and custom ones that our system administrators include in case that they detect a new kind of attacks. In this way, the websites you host here shall be far more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server packages and if you opt to host your websites with our company, there won't be anything special you will have to do since the firewall is activated by default for all domains and subdomains which you include through your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to stop possible attacks on your sites. In depth logs shall be available within your CP and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so on. We employ 2 sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our administrators occasionally add to respond to newly found threats in a timely manner.
ModSecurity in VPS Servers
Security is of the utmost importance to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you'll not need to do anything manually. You will also be able to deactivate it or activate the so-called detection mode, so it will maintain a log of potential attacks which you can later examine, but will not stop them. The logs in both passive and active modes offer details regarding the form of the attack and how it was prevented, what IP address it came from and other important data which may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also implement our own rules as from time to time we identify specific attacks that are not yet present inside the commercial package. That way, we could boost the security of your VPS immediately rather than waiting for an official update.
ModSecurity in Dedicated Servers
All of our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any application which you upload or install will be properly secured from the very beginning and you'll not have to bother about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you will find in the logs can allow you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you could see if a website needs an update, if you ought to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones too every time they come across a new threat that is not yet included in the commercial bundle.