ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to stop attacks against script-driven websites by employing security rules which contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and protect even Internet sites that aren't updated often. For example, a number of failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the moment it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It additionally maintains a very thorough log of all attack attempts which features more information than conventional Apache logs, so you could later analyze the data and take further measures to increase the security of your sites if needed.
ModSecurity in Website Hosting
ModSecurity can be found with each website hosting solution that we offer and it is switched on by default for every domain or subdomain that you add through your Hepsia Control Panel. In case it disrupts any of your apps or you would like to disable it for whatever reason, you will be able to achieve that through the ModSecurity section of Hepsia with only a click. You could also activate a passive mode, so the firewall will recognize possible attacks and maintain a log, but won't take any action. You'll be able to see extensive logs in the very same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etcetera. For maximum security of our clients we use a collection of commercial firewall rules mixed with custom ones that are added by our system admins.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting packages which we offer include ModSecurity and given that the firewall is switched on by default, any website which you build under a domain or a subdomain will be protected right away. An individual section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any Internet site or switch on a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all data in a log as if it were fully active. The logs could be found within the exact same section of the Control Panel and they feature details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules which we use on our machines are a mix between commercial ones from a security firm and custom ones developed by our system administrators. Therefore, we provide higher security for your web apps as we can shield them from attacks before security businesses release updates for new threats.
ModSecurity in Dedicated Hosting
All of our dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any application which you upload or set up shall be secured from the very beginning and you'll not have to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you will discover in the logs can enable you to to secure your websites better - the IP address an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you could see if a site needs an update, if you should block IPs from accessing your server, and so forth. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well if they come across a new threat which is not yet included in the commercial bundle.