ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to prevent attacks toward script-driven sites through the use of security rules that contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites which aren't updated on a regular basis. As an example, numerous failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the second it identifies them. The firewall is incredibly efficient since it screens the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore maintains an incredibly comprehensive log of all attack attempts which contains more info than conventional Apache logs, so you could later analyze the data and take extra measures to improve the security of your sites if necessary.
ModSecurity in Website Hosting
We offer ModSecurity with all website hosting plans, so your web apps will be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you will find within Hepsia are incredibly detailed and feature info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, and so on. We employ a group of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
ModSecurity is a part of our semi-dedicated server solutions and if you opt to host your sites with us, there won't be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains which you include via your hosting Control Panel. If required, you could disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to stop potential attacks against your sites. Thorough logs shall be readily available within your Control Panel and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etc. We employ two types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones that our administrators sometimes add to respond to newly identified threats promptly.
ModSecurity in Dedicated Servers
All our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any program that you upload or set up will be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you will find in the logs can help you to secure your websites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, and so on. With this information, you can see whether a website needs an update, if you need to block IPs from accessing your web server, etc. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too every time they find a new threat that is not yet in the commercial bundle.