ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to stop attacks towards script-driven websites by employing security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and preserve even websites that are not updated regularly. For instance, a number of unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity will block out these activities the instant it discovers them. The firewall is very efficient because it monitors the entire HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It furthermore maintains an exceptionally thorough log of all attack attempts which includes more info than standard Apache logs, so you could later analyze the data and take extra measures to improve the security of your websites if necessary.
ModSecurity in Cloud Web Hosting
ModSecurity is available with each and every cloud web hosting solution which we provide and it's activated by default for every domain or subdomain that you add via your Hepsia Control Panel. If it disrupts any of your applications or you'd like to disable it for some reason, you will be able to accomplish that through the ModSecurity section of Hepsia with simply a mouse click. You can also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You'll be able to see detailed logs in the very same section, including the IP where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so forth. For optimum safety of our customers we use a collection of commercial firewall rules blended with custom ones that are added by our system admins.
ModSecurity in Semi-dedicated Servers
We've included ModSecurity by default within all semi-dedicated server products, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any site with a click. You'll also be able to switch on a passive detection mode with which ModSecurity will keep a log of potential attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so on. The list of rules which we use is frequently updated in order to match any new risks that could appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones that our admins include in the event that they find a threat which is not present in the commercial list yet.
ModSecurity in VPS Servers
Safety is very important to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not need to do anything manually. You'll also be able to deactivate it or switch on the so-called detection mode, so it shall keep a log of possible attacks which you can later study, but will not block them. The logs in both passive and active modes offer info regarding the type of the attack and how it was eliminated, what IP it originated from and other useful information that might help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules as occasionally we detect specific attacks which aren't yet present in the commercial package. This way, we can easily increase the protection of your VPS immediately rather than waiting for a certified update.
ModSecurity in Dedicated Servers
All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any application which you upload or install shall be secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can enable you to to secure your websites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this info, you could see whether an Internet site needs an update, if you ought to block IPs from accessing your server, etcetera. Besides the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too when they come across a new threat which is not yet a part of the commercial bundle.