ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to stop attacks against script-driven Internet sites through the use of security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and preserve even Internet sites that are not updated frequently. For instance, a number of unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is very efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore maintains a very detailed log of all attack attempts that features more information than standard Apache logs, so you can later check out the data and take additional measures to increase the security of your websites if necessary.
ModSecurity in Cloud Hosting
ModSecurity comes by default with all cloud hosting packages which we offer and it shall be activated automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with just a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your websites shall contain detailed information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and incorporate both commercial ones we get from a third-party security company and custom ones which our system administrators add in the event that they detect a new sort of attacks. This way, the sites that you host here shall be much more secure without any action required on your end.
ModSecurity in Semi-dedicated Hosting
Any web program which you install within your new semi-dedicated hosting account will be protected by ModSecurity since the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area within Hepsia where not only can you activate or deactivate it completely, but you may also activate a passive mode, so the firewall will not block anything, but it will still keep an archive of possible attacks. This normally requires only a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etcetera. The firewall employs 2 groups of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update personally as to respond to recently discovered threats as fast as possible.
ModSecurity in Dedicated Web Hosting
When you choose to host your sites on a dedicated server with the Hepsia CP, your web applications shall be protected right from the start as ModSecurity is provided with all Hepsia-based packages. You will be able to control the firewall with ease and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only keep a log of what's occurring without taking any action to prevent possible attacks. The logs which you'll find within the same section of the CP are incredibly detailed and feature info about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This data shall permit you to take measures and improve the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff include when they recognize attacks which haven't yet been included within the commercial pack.