ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks towards script-driven sites through the use of security rules that contain specific expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even websites which aren't updated on a regular basis. For instance, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script will trigger specific rules, so ModSecurity will block these activities the instant it discovers them. The firewall is quite efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any harm is done. It furthermore maintains a very thorough log of all attack attempts which includes more info than typical Apache logs, so you can later analyze the data and take extra measures to increase the security of your websites if needed.
ModSecurity in Cloud Website Hosting
ModSecurity is supplied with all cloud website hosting machines, so if you choose to host your sites with our firm, they shall be resistant to a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You will be able to stop ModSecurity for any website if required, or to switch on a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs using your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the security of our customers' Internet sites very seriously, we use a set of commercial rules which we take from one of the top firms that maintain such rules. Our administrators also add custom rules to ensure that your websites shall be shielded from as many risks as possible.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity as a standard within all semi-dedicated hosting plans, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts shall allow you to activate or disable the firewall for any Internet site with a click. You shall also be able to activate a passive detection mode in which ModSecurity will maintain a log of possible attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack activated, where it came from, etc. The list of rules which we employ is frequently updated as to match any new risks which may appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our admins add if they find a threat that is not present in the commercial list yet.
ModSecurity in VPS
All virtual private servers which are provided with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there won't be anything special which you'll have to do to protect your Internet sites. It'll take you simply a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You'll be able to look at the logs created in passive or active mode from the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to take care of it, etc. We employ a mixture of commercial and custom rules in order to make sure that ModSecurity shall block as many risks as possible, thus enhancing the security of your web programs as much as possible.
ModSecurity in Dedicated Hosting
All of our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any program which you upload or install shall be protected from the very beginning and you will not need to bother about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll find in the logs can easily allow you to to secure your sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this info, you'll be able to see if an Internet site needs an update, whether you should block IPs from accessing your hosting server, and so forth. In addition to the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well every time they come across a new threat that is not yet in the commercial bundle.