ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks towards script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites that aren't updated on a regular basis. For instance, numerous unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is extremely efficient since it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any harm is done. It additionally keeps a very thorough log of all attack attempts that includes more information than typical Apache logs, so you can later check out the data and take additional measures to improve the security of your Internet sites if needed.
ModSecurity in Shared Web Hosting
ModSecurity is supplied with all shared web hosting
servers, so if you choose to host your websites with our company, they shall be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view detailed logs using your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the protection of our clients' Internet sites seriously, we use a group of commercial rules which we get from one of the top companies that maintain this sort of rules. Our admins also include custom rules to make certain that your sites will be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
Any web program which you set up within your new semi-dedicated hosting
account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain you include or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated area in Hepsia where not only could you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall will not stop anything, but it'll still keep a record of possible attacks. This takes only a click and you will be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update personally as to respond to recently discovered risks as soon as possible.
ModSecurity in VPS Web Hosting
ModSecurity is included with all Hepsia-based virtual private servers
we offer and it will be turned on automatically for any new domain or subdomain that you add on the hosting server. This way, any web app you install shall be protected right away without doing anything by hand on your end. The firewall may be handled from the section of the Control Panel which bears the same name. This is the area whereyou could disable ModSecurity or enable its passive mode, so it will not take any action toward threats, but shall still maintain a detailed log. The recorded info is available inside the same area as well and you shall be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we employ on our servers are a mixture between commercial ones that we obtain from a security organization and custom ones which are added by our staff to optimize the protection of any web apps hosted on our end.
ModSecurity in Dedicated Servers Hosting
All of our dedicated servers
which are set up with the Hepsia hosting CP feature ModSecurity, so any program that you upload or install will be protected from the very beginning and you won't have to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you'll find in the logs can easily help you to secure your websites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this data, you'll be able to see if an Internet site needs an update, if you ought to block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too whenever they come across a new threat that's not yet included in the commercial bundle.