ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is employed to prevent attacks towards script-driven websites by using security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and protect even Internet sites that are not updated frequently. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the minute it discovers them. The firewall is incredibly efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally keeps an incredibly thorough log of all attack attempts that features more info than conventional Apache logs, so you could later analyze the data and take further measures to enhance the security of your sites if required.
ModSecurity in Hosting
ModSecurity is supplied with all hosting servers, so if you decide to host your websites with our business, they shall be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs through your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the security of our customers' websites very seriously, we employ a group of commercial rules that we get from one of the leading companies which maintain this sort of rules. Our admins also add custom rules to make sure that your websites will be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server packages and if you decide to host your Internet sites with us, there will not be anything special you will have to do given that the firewall is activated by default for all domains and subdomains that you add using your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall will still operate and record information, but won't do anything to stop potential attacks against your Internet sites. In depth logs will be available in your Control Panel and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etcetera. We use 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our admins often add to respond to newly identified threats in a timely manner.
ModSecurity in Dedicated Servers
All of our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any application that you upload or set up shall be protected from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs shall allow you to to secure your Internet sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this information, you could see if an Internet site needs an update, if you ought to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well when they come across a new threat which is not yet a part of the commercial bundle.