ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks toward script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can block hacking and spamming attempts and shield even websites that aren't updated often. For example, several failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script will trigger particular rules, so ModSecurity will stop these activities the moment it discovers them. The firewall is quite efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It also keeps an incredibly comprehensive log of all attack attempts that includes more information than traditional Apache logs, so you can later check out the data and take extra measures to improve the security of your sites if required.
ModSecurity in Shared Website Hosting
ModSecurity comes by default with all shared website hosting packages that we offer and it shall be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you can switch on and deactivate it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your sites will contain in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are constantly updated and incorporate both commercial ones that we get from a third-party security firm and custom ones that our system admins include in the event that they detect a new type of attacks. That way, the Internet sites that you host here shall be far more protected with no action needed on your end.
ModSecurity in Semi-dedicated Hosting
Any web program that you set up within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area inside Hepsia where not only could you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall shall not block anything, but it'll still maintain a record of possible attacks. This takes simply a mouse click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so forth. The firewall uses 2 sets of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our admins update personally in order to respond to newly discovered risks as soon as possible.
ModSecurity in VPS Web Hosting
ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it will be switched on automatically for any new domain or subdomain you include on the machine. In this way, any web application you install will be secured right away without doing anything manually on your end. The firewall may be handled via the section of the CP which bears the same name. This is the location in whichyou can disable ModSecurity or enable its passive mode, so it shall not take any action against threats, but will still maintain a thorough log. The recorded info is available in the same section as well and you shall be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a mixture between commercial ones that we obtain from a security company and custom ones that are included by our staff to enhance the protection of any web applications hosted on our end.
ModSecurity in Dedicated Servers Hosting
ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the web server. Just in case that a web app doesn't function adequately, you can either switch off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that could take place, but shall not take any action to prevent it. The logs created in passive or active mode will provide you with additional details about the exact file that was attacked, the nature of the attack and the IP it came from, and so forth. This data shall allow you to decide what measures you can take to boost the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated often with a commercial bundle from a third-party security enterprise we work with, but oftentimes our staff add their own rules as well when they identify a new potential threat.