ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks towards script-driven websites through the use of security rules that contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites which aren't updated frequently. For instance, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script will trigger specific rules, so ModSecurity will stop these activities the minute it discovers them. The firewall is very efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore maintains a very thorough log of all attack attempts that features more information than traditional Apache logs, so you could later check out the data and take extra measures to enhance the security of your websites if required.
ModSecurity in Cloud Website Hosting
ModSecurity is supplied with all cloud website hosting servers, so when you decide to host your Internet sites with our organization, they shall be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any website if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view specific logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the safety of our clients' Internet sites very seriously, we employ a set of commercial rules which we get from one of the top firms that maintain this type of rules. Our admins also include custom rules to ensure that your websites will be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Servers
Any web application which you set up within your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not simply could you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not stop anything, but it'll still keep an archive of potential attacks. This takes only a click and you will be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall employs two sets of rules on our servers - a commercial one that we get from a third-party web security company and a custom one that our administrators update manually in order to respond to newly discovered risks at the earliest opportunity.
ModSecurity in VPS Servers
ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be switched on automatically for any new domain or subdomain which you add on the hosting server. In this way, any web app that you install shall be protected from the very beginning without doing anything manually on your end. The firewall could be handled from the section of the Control Panel that bears the same name. This is the place whereyou could switch off ModSecurity or let its passive mode, so it shall not take any action toward threats, but shall still maintain a thorough log. The recorded data is available within the same area as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a mix between commercial ones that we get from a security firm and custom ones that are added by our admins to optimize the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In case that a web app doesn't function correctly, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any possible attack which could happen, but shall not take any action to prevent it. The logs produced in passive or active mode shall offer you more details about the exact file that was attacked, the form of the attack and the IP it originated from, and so forth. This data shall permit you to decide what steps you can take to increase the safety of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security provider we work with, but occasionally our administrators add their own rules also in the event that they find a new potential threat.