ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to prevent attacks against script-driven websites by using security rules that contain certain expressions. This way, the firewall can prevent hacking and spamming attempts and shield even sites that aren't updated on a regular basis. For example, several failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block these activities the second it detects them. The firewall is extremely efficient as it screens the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It additionally maintains an exceptionally detailed log of all attack attempts that features more info than typical Apache logs, so you can later check out the data and take additional measures to improve the security of your sites if necessary.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting solutions, so your Internet apps shall be resistant to malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it using the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll discover within Hepsia are quite detailed and include data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so on. We employ a range of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the sites hosted on our servers.
ModSecurity in Semi-dedicated Servers
We've integrated ModSecurity as a standard in all semi-dedicated server plans, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will allow you to activate or disable the firewall for any Internet site with a click. You'll also be able to activate a passive detection mode in which ModSecurity will maintain a log of possible attacks without actually stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it originated from, and so on. The list of rules which we use is regularly updated in order to match any new risks that could appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our admins include in the event that they find a threat that's not present in the commercial list yet.
ModSecurity in VPS Servers
All VPS servers that are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the web server, so there shall not be anything special that you shall have to do to protect your Internet sites. It shall take you a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any steps to prevent intrusions. You'll be able to look at the logs generated in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to take care of it, and so on. We employ a mix of commercial and custom rules in order to ensure that ModSecurity shall stop as many risks as possible, thus improving the protection of your web applications as much as possible.
ModSecurity in Dedicated Servers
When you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured immediately since ModSecurity is supplied with all Hepsia-based plans. You will be able to regulate the firewall without difficulty and if required, you'll be able to turn it off or switch on its passive mode when it shall only maintain a log of what's occurring without taking any action to prevent potential attacks. The logs which you'll find inside the exact same section of the CP are extremely detailed and include info about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This data will permit you to take measures and enhance the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include whenever they detect attacks which have not yet been included in the commercial pack.