ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks against script-driven websites through the use of security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and preserve even Internet sites that aren't updated frequently. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the moment it identifies them. The firewall is very efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It additionally keeps an incredibly detailed log of all attack attempts which features more information than traditional Apache logs, so you could later analyze the data and take further measures to increase the security of your websites if necessary.
ModSecurity in Shared Hosting
ModSecurity is supplied with all shared hosting machines, so if you decide to host your websites with our organization, they'll be resistant to a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You will be able to stop ModSecurity for any site if necessary, or to enable a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You will be able to view detailed logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the protection of our clients' Internet sites seriously, we employ a group of commercial rules which we take from one of the leading companies which maintain this sort of rules. Our administrators also add custom rules to make certain that your sites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Hosting
Any web app which you set up within your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is included with all our hosting solutions and is activated by default for any domain and subdomain you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area inside Hepsia where not simply could you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall will not block anything, but it'll still maintain a record of potential attacks. This normally requires only a mouse click and you shall be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs two groups of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one that our admins update personally as to respond to recently discovered risks as soon as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is included with all dedicated servers that are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to use it as it's enabled by default every time you include a new domain or subdomain on your hosting server. In case it interferes with some of your programs, you'll be able to stop it via the respective area of Hepsia, or you could leave it in passive mode, so it'll identify attacks and shall still keep a log for them, but shall not prevent them. You could look at the logs later to find out what you can do to boost the protection of your sites since you will find details such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, etc. The rules that we employ are commercial, therefore they are regularly updated by a security company, but to be on the safe side, our administrators also include custom rules every now and then as to deal with any new threats they have found.