ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks toward script-driven sites through the use of security rules that contain specific expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated often. As an example, multiple failed login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block these activities the minute it discovers them. The firewall is extremely efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any harm is done. It additionally maintains an incredibly thorough log of all attack attempts which contains more info than standard Apache logs, so you can later check out the data and take further measures to increase the security of your websites if necessary.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting solutions, so your web applications shall be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you will be able to stop it using the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you shall discover within Hepsia are incredibly detailed and feature information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We employ a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is a part of our semi-dedicated hosting packages and if you opt to host your websites with our company, there will not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains you include via your hosting CP. If necessary, you can disable ModSecurity for a given Internet site or activate the so-called detection mode in which case the firewall will still work and record info, but will not do anything to prevent possible attacks on your websites. Thorough logs will be available in your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We use two types of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones which our admins often add to respond to newly found risks on time.
ModSecurity in Dedicated Servers Hosting
ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it since it is activated by default every time you include a new domain or subdomain on your hosting server. In the event that it interferes with any of your applications, you will be able to stop it via the respective area of Hepsia, or you may leave it operating in passive mode, so it will identify attacks and shall still maintain a log for them, but will not stop them. You could look at the logs later to learn what you can do to enhance the security of your sites as you shall find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, etc. The rules which we employ are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our staff also add custom rules every now and then in order to react to any new threats they have identified.