ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks toward script-driven websites by employing security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even websites that are not updated on a regular basis. For example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity will stop these activities the moment it detects them. The firewall is incredibly efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts which includes more info than typical Apache logs, so you can later check out the data and take additional measures to increase the security of your websites if necessary.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting solutions that we offer and it will be turned on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites shall feature elaborate info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and include both commercial ones which we get from a third-party security business and custom ones our system administrators add in the event that they detect a new type of attacks. That way, the websites that you host here will be a lot more protected without any action expected on your end.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard within all semi-dedicated server plans, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to activate or turn off the firewall for any site with a mouse click. You'll also be able to activate a passive detection mode in which ModSecurity shall keep a log of potential attacks without really preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack generated, where it came from, etcetera. The list of rules that we use is frequently updated in order to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our administrators include in case they discover a threat that's not present within the commercial list yet.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it because it's turned on by default each time you add a new domain or subdomain on your hosting server. In case it interferes with some of your apps, you shall be able to stop it via the respective part of Hepsia, or you may leave it working in passive mode, so it shall recognize attacks and shall still keep a log for them, but shall not prevent them. You may examine the logs later to determine what you can do to enhance the protection of your websites since you shall find information such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity responded, and so forth. The rules which we use are commercial, thus they are frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules once in a while in order to deal with any new threats they have identified.