ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to stop attacks towards script-driven websites by using security rules which contain certain expressions. This way, the firewall can block hacking and spamming attempts and preserve even Internet sites that aren't updated frequently. For instance, numerous failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity will block out these activities the second it identifies them. The firewall is incredibly efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It furthermore keeps an incredibly detailed log of all attack attempts which contains more info than traditional Apache logs, so you can later examine the data and take extra measures to enhance the security of your sites if required.
ModSecurity in Cloud Hosting
ModSecurity comes by default with all cloud hosting
solutions which we supply and it'll be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your websites shall feature comprehensive info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and include both commercial ones which we get from a third-party security company and custom ones which our system administrators include in the event that they detect a new sort of attacks. This way, the Internet sites that you host here will be far more secure without any action needed on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server
solutions and if you choose to host your Internet sites with us, there won't be anything special you will have to do given that the firewall is activated by default for all domains and subdomains which you include using your hosting CP. If necessary, you can disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall shall still function and record info, but shall not do anything to stop potential attacks against your websites. Thorough logs shall be readily available in your Control Panel and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We employ 2 kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones that our administrators often add to respond to newly found threats promptly.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers
we offer and it shall be switched on automatically for every new domain or subdomain which you include on the web server. That way, any web app which you install shall be secured right away without doing anything by hand on your end. The firewall could be handled from the section of the Control Panel which has the same name. This is the area in whichyou could disable ModSecurity or let its passive mode, so it won't take any action towards threats, but shall still maintain a comprehensive log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones which we obtain from a security firm and custom ones that are added by our staff to optimize the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is available by default with all dedicated servers
which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In case that a web application doesn't function adequately, you may either disable the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any potential attack which may occur, but won't take any action to stop it. The logs created in passive or active mode shall give you additional details about the exact file which was attacked, the nature of the attack and the IP it came from, and so forth. This data will enable you to choose what actions you can take to boost the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial bundle from a third-party security provider we work with, but occasionally our staff add their own rules also when they come across a new potential threat.