ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to stop attacks toward script-driven sites through the use of security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and preserve even sites which are not updated often. For instance, a number of unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script will trigger certain rules, so ModSecurity will stop these activities the minute it detects them. The firewall is extremely efficient since it screens the entire HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally maintains a very detailed log of all attack attempts which contains more info than typical Apache logs, so you can later examine the data and take extra measures to improve the security of your websites if necessary.
ModSecurity in Website Hosting
ModSecurity is offered with each website hosting plan which we provide and it's activated by default for any domain or subdomain that you include via your Hepsia CP. In case it disrupts any of your apps or you would like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with simply a click. You could also use a passive mode, so the firewall will identify potential attacks and keep a log, but will not take any action. You can view comprehensive logs in the same section, including the IP where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum safety of our customers we use a set of commercial firewall rules mixed with custom ones which are added by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web application that you install within your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is included with all our hosting packages and is switched on by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area in Hepsia where not simply can you activate or deactivate it entirely, but you could also activate a passive mode, so the firewall won't block anything, but it will still maintain a record of possible attacks. This takes only a mouse click and you will be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, and so on. The firewall uses two sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our admins update personally as to respond to recently discovered threats as soon as possible.
ModSecurity in VPS
ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web apps shall be protected from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you can deactivate it with a mouse click through the corresponding section of Hepsia. You may also set it to function in detection mode, so it will keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found inside the exact same section and include information about the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we use not simply commercial rules from a company working in the field of web security, but also custom ones our admins include manually in order to react to new risks that are still not dealt with in the commercial rules.
ModSecurity in Dedicated Hosting
If you opt to host your sites on a dedicated server with the Hepsia CP, your web applications will be secured right from the start as ModSecurity is provided with all Hepsia-based packages. You'll be able to manage the firewall without difficulty and if required, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what's taking place without taking any action to prevent possible attacks. The logs that you will find within the very same section of the Control Panel are quite detailed and feature information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This information shall permit you to take measures and increase the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators add when they identify attacks which haven't yet been included in the commercial pack.