ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks towards script-driven sites by employing security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and protect even websites which aren't updated frequently. For example, several unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the instant it detects them. The firewall is incredibly efficient since it screens the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore keeps a very comprehensive log of all attack attempts that includes more information than traditional Apache logs, so you could later examine the data and take extra measures to improve the security of your sites if needed.
ModSecurity in Cloud Website Hosting
ModSecurity is supplied with all cloud website hosting machines, so if you decide to host your websites with our firm, they'll be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any site if needed, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view comprehensive logs through your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the security of our customers' websites very seriously, we employ a set of commercial rules which we get from one of the top companies which maintain this sort of rules. Our administrators also add custom rules to make sure that your sites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
Any web application you install inside your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not stop anything, but it will still maintain a record of possible attacks. This takes simply a click and you'll be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so on. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally as to respond to recently discovered threats at the earliest opportunity.
ModSecurity in Dedicated Servers
ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. In the event that a web app doesn't function correctly, you can either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any possible attack which might occur, but won't take any action to prevent it. The logs generated in active or passive mode shall offer you more details about the exact file that was attacked, the type of the attack and the IP it came from, etc. This information shall enable you to decide what measures you can take to increase the safety of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial pack from a third-party security provider we work with, but from time to time our administrators add their own rules as well when they identify a new potential threat.