ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks towards script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and shield even Internet sites that are not updated regularly. For instance, multiple failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity will block out these activities the instant it identifies them. The firewall is extremely efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It also maintains an incredibly thorough log of all attack attempts which features more information than typical Apache logs, so you could later examine the data and take additional measures to enhance the security of your Internet sites if needed.
ModSecurity in Website Hosting
ModSecurity is available on all website hosting web servers, so when you choose to host your Internet sites with our organization, they shall be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You will be able to view detailed logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the security of our customers' sites very seriously, we use a set of commercial rules which we take from one of the leading companies which maintain this sort of rules. Our admins also include custom rules to ensure that your sites will be protected against as many threats as possible.
ModSecurity in Semi-dedicated Hosting
We've included ModSecurity by default within all semi-dedicated hosting plans, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to enable or disable the firewall for any site with a mouse click. You will also have the ability to activate a passive detection mode through which ModSecurity will maintain a log of potential attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so on. The list of rules which we employ is regularly updated as to match any new risks which may appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our administrators add if they find a threat which is not present in the commercial list yet.
ModSecurity in VPS Hosting
All virtual private servers which are offered with the Hepsia CP come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the server, so there shall not be anything special which you'll have to do to protect your websites. It'll take you a click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any actions to prevent intrusions. You will be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to handle it, etcetera. We use a mixture of commercial and custom rules in order to ensure that ModSecurity shall block as many risks as possible, therefore boosting the protection of your web programs as much as possible.
ModSecurity in Dedicated Web Hosting
If you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured immediately because ModSecurity is supplied with all Hepsia-based plans. You shall be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or activate its passive mode when it shall only keep a log of what's occurring without taking any action to stop possible attacks. The logs that you will find in the very same section of the Control Panel are extremely detailed and contain info about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This info shall enable you to take measures and boost the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff add when they recognize attacks that have not yet been included inside the commercial pack.