ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks toward script-driven sites by employing security rules that contain particular expressions. This way, the firewall can block hacking and spamming attempts and protect even Internet sites which are not updated often. For instance, multiple failed login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is quite efficient as it monitors the entire HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally maintains an exceptionally comprehensive log of all attack attempts that contains more information than traditional Apache logs, so you could later check out the data and take further measures to enhance the security of your websites if necessary.
ModSecurity in Shared Web Hosting
ModSecurity is provided with all shared web hosting machines, so if you choose to host your websites with our firm, they'll be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if needed, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view detailed logs using your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the protection of our customers' Internet sites seriously, we use a collection of commercial rules which we get from one of the leading companies that maintain this sort of rules. Our administrators also add custom rules to make certain that your websites shall be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity by default in all semi-dedicated hosting products, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any website with a mouse click. You shall also be able to switch on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without actually stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack activated, where it originated from, etc. The list of rules we use is constantly updated in order to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our administrators add in the event that they discover a threat which is not present in the commercial list yet.
ModSecurity in VPS Web Hosting
Protection is of the utmost importance to us, so we set up ModSecurity on all virtual private servers that are provided with the Hepsia CP by default. The firewall can be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you will not have to do anything manually. You shall also be able to deactivate it or activate the so-called detection mode, so it shall maintain a log of possible attacks you can later examine, but won't prevent them. The logs in both passive and active modes offer details regarding the form of the attack and how it was eliminated, what IP it came from and other useful data which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules we get for ModSecurity from a third-party security company, we also implement our own rules since from time to time we find specific attacks that aren't yet present inside the commercial group. That way, we can enhance the security of your Virtual private server immediately as opposed to waiting for a certified update.
ModSecurity in Dedicated Servers Hosting
When you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be protected right from the start as ModSecurity is provided with all Hepsia-based plans. You will be able to manage the firewall with ease and if needed, you'll be able to turn it off or enable its passive mode when it shall only keep a log of what is going on without taking any action to stop possible attacks. The logs which you will find in the very same section of the Control Panel are extremely detailed and contain details about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etcetera. This information shall permit you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff add every time they identify attacks which have not yet been included within the commercial pack.