ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to prevent attacks against script-driven websites through the use of security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which are not updated on a regular basis. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the second it identifies them. The firewall is very efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore keeps a very comprehensive log of all attack attempts that includes more information than conventional Apache logs, so you can later examine the data and take additional measures to enhance the security of your sites if needed.
ModSecurity in Shared Hosting
ModSecurity comes by default with all shared hosting packages that we supply and it shall be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to stop them. The log for any of your websites will feature detailed info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and incorporate both commercial ones that we get from a third-party security firm and custom ones which our system admins include in case that they detect a new sort of attacks. This way, the sites that you host here shall be way more secure with no action expected on your end.
ModSecurity in Semi-dedicated Servers
We have included ModSecurity by default within all semi-dedicated server products, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts shall permit you to enable or disable the firewall for any website with a click. You'll also have the ability to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, and so forth. The list of rules which we employ is constantly updated in order to match any new risks that could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones which our administrators include if they discover a threat that is not present inside the commercial list yet.
ModSecurity in VPS Servers
ModSecurity comes with all Hepsia-based VPS servers which we offer and it shall be switched on automatically for any new domain or subdomain which you include on the web server. That way, any web app that you install shall be secured right away without doing anything manually on your end. The firewall could be handled via the section of the Control Panel that has the same name. This is the area whereyou'll be able to disable ModSecurity or activate its passive mode, so it will not take any action against threats, but shall still maintain a comprehensive log. The recorded data is available inside the same area as well and you shall be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we use on our servers are a mixture between commercial ones we obtain from a security organization and custom ones which are added by our staff to improve the security of any web applications hosted on our end.
ModSecurity in Dedicated Servers
ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you will not have to do anything specific on your end to use it as it is enabled by default whenever you add a new domain or subdomain on your hosting server. In the event that it disrupts any of your programs, you'll be able to stop it via the respective section of Hepsia, or you could leave it operating in passive mode, so it shall identify attacks and will still keep a log for them, but shall not prevent them. You'll be able to look at the logs later to find out what you can do to boost the safety of your websites since you will find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules which we employ are commercial, therefore they're regularly updated by a security provider, but to be on the safe side, our administrators also add custom rules every now and then in order to react to any new threats they have found.