ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks toward script-driven Internet sites by employing security rules which contain certain expressions. This way, the firewall can stop hacking and spamming attempts and protect even Internet sites that aren't updated regularly. For example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the minute it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It furthermore keeps a very thorough log of all attack attempts that features more info than typical Apache logs, so you can later check out the data and take extra measures to boost the security of your websites if necessary.
ModSecurity in Website Hosting
ModSecurity is supplied with all website hosting web servers, so when you decide to host your Internet sites with our business, they'll be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs using your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our clients' sites seriously, we use a collection of commercial rules which we take from one of the best companies that maintain this kind of rules. Our admins also include custom rules to make certain that your sites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Hosting
We've included ModSecurity as a standard within all semi-dedicated hosting products, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to enable or disable the firewall for any Internet site with a click. You'll also have the ability to turn on a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack caused, where it came from, and so forth. The list of rules that we use is regularly updated in order to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our admins add if they find a threat that's not present in the commercial list yet.
ModSecurity in VPS
All virtual private servers that are provided with the Hepsia Control Panel come with ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the server, so there shall not be anything special that you will have to do to protect your Internet sites. It shall take you only a click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any measures to stop intrusions. You shall be able to look at the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, etcetera. We employ a mix of commercial and custom rules so as to ensure that ModSecurity will stop as many threats as possible, therefore enhancing the protection of your web programs as much as possible.
ModSecurity in Dedicated Hosting
When you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured immediately since ModSecurity is available with all Hepsia-based plans. You will be able to regulate the firewall with ease and if required, you'll be able to turn it off or activate its passive mode when it'll only maintain a log of what is going on without taking any action to stop potential attacks. The logs that you can find in the very same section of the CP are quite detailed and feature information about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so forth. This data will enable you to take measures and increase the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff include every time they recognize attacks that have not yet been included inside the commercial pack.