ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to stop attacks toward script-driven websites through the use of security rules which contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even websites which aren't updated regularly. As an example, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity will block these activities the moment it identifies them. The firewall is very efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps a very comprehensive log of all attack attempts which contains more info than standard Apache logs, so you could later examine the data and take additional measures to boost the security of your websites if needed.
ModSecurity in Shared Website Hosting
ModSecurity is supplied with all shared website hosting servers, so if you decide to host your Internet sites with our business, they shall be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you shall have to do on your end. You will be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the security of our clients' websites seriously, we employ a group of commercial rules which we get from one of the top companies which maintain such rules. Our administrators also include custom rules to make certain that your Internet sites will be shielded from as many threats as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions which we offer include ModSecurity and given that the firewall is switched on by default, any website which you set up under a domain or a subdomain will be secured straight away. A separate section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to stop and start the firewall for any website or switch on a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all info within a log as if it were completely active. The logs could be found within the very same section of the Control Panel and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we use on our web servers are a mix of commercial ones from a security business and custom ones developed by our system administrators. Therefore, we provide higher security for your web applications as we can protect them from attacks even before security companies release updates for brand new threats.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web apps shall be secured from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a mouse click through the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll keep a comprehensive log of any possible attacks without taking any action to stop them. The logs are available within the very same section and provide info about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not just commercial rules from a company working in the field of web security, but also custom ones that our administrators include manually so as to react to new threats which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers Hosting
All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any application that you upload or set up will be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records details about intrusions, but does not take actions to stop them. What you shall find in the logs shall allow you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you could see whether an Internet site needs an update, if you ought to block IPs from accessing your web server, etcetera. On top of the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well if they find a new threat that's not yet in the commercial bundle.