ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks against script-driven sites through the use of security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and protect even Internet sites that are not updated often. For example, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the moment it detects them. The firewall is very efficient since it monitors the entire HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It also keeps an exceptionally comprehensive log of all attack attempts which includes more information than traditional Apache logs, so you can later analyze the data and take extra measures to increase the security of your Internet sites if needed.
ModSecurity in Shared Website Hosting
ModSecurity can be found with every single shared website hosting solution that we provide and it's switched on by default for any domain or subdomain which you include via your Hepsia Control Panel. If it interferes with any of your apps or you'd like to disable it for some reason, you will be able to do this through the ModSecurity area of Hepsia with only a click. You may also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You can see extensive logs in the exact same section, including the IP where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For max safety of our customers we use a group of commercial firewall rules mixed with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans that we offer come with ModSecurity and because the firewall is enabled by default, any Internet site which you create under a domain or a subdomain shall be protected immediately. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to stop and start the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity won't take any action, but it shall still identify possible attacks and shall keep all information in a log as if it were completely active. The logs could be found inside the exact same section of the Control Panel and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules which we use on our web servers are a mix between commercial ones from a security company and custom ones created by our system admins. As a result, we provide greater security for your web applications as we can shield them from attacks even before security corporations release updates for brand new threats.
ModSecurity in Dedicated Hosting
All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any app that you upload or install shall be secured from the very beginning and you'll not have to bother about common attacks or vulnerabilities. A separate section inside Hepsia will allow you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you'll find in the logs shall enable you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you could see if a website needs an update, whether you should block IPs from accessing your web server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones too when they find a new threat that's not yet in the commercial bundle.