ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks against script-driven websites by employing security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even websites which aren't updated frequently. For instance, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the moment it detects them. The firewall is very efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It also maintains a very comprehensive log of all attack attempts that contains more info than traditional Apache logs, so you could later check out the data and take additional measures to improve the security of your websites if needed.
ModSecurity in Cloud Hosting
ModSecurity is provided with all cloud hosting
machines, so if you opt to host your sites with our organization, they will be shielded from an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view specific logs using your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our clients' sites seriously, we use a group of commercial rules that we take from one of the best firms that maintain such rules. Our admins also include custom rules to ensure that your sites will be protected against as many risks as possible.
ModSecurity in Semi-dedicated Hosting
We have integrated ModSecurity by default inside all semi-dedicated hosting
products, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any site with a mouse click. You shall also be able to switch on a passive detection mode in which ModSecurity will maintain a log of possible attacks without really preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, and so forth. The list of rules which we use is regularly updated as to match any new threats which might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our administrators add if they discover a threat that is not present within the commercial list yet.
ModSecurity in VPS Hosting
Safety is vital to us, so we install ModSecurity on all virtual private servers
which are provided with the Hepsia CP by default. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you add a new domain or create a subdomain, so you will not need to do anything by hand. You will also be able to deactivate it or turn on the so-called detection mode, so it'll maintain a log of potential attacks that you can later examine, but will not stop them. The logs in both passive and active modes include information about the type of the attack and how it was eliminated, what IP it came from and other useful info which may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules since from time to time we discover specific attacks which are not yet present inside the commercial pack. This way, we can enhance the security of your VPS in a timely manner rather than waiting for a certified update.
ModSecurity in Dedicated Web Hosting
ModSecurity is available as standard with all dedicated servers
which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. Just in case that a web application doesn't function correctly, you may either disable the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which may happen, but shall not take any action to stop it. The logs created in active or passive mode will give you additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, etc. This data will enable you to choose what actions you can take to improve the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security firm we work with, but from time to time our administrators add their own rules too if they find a new potential threat.