ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks against script-driven sites through the use of security rules which contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and shield even websites which aren't updated regularly. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is extremely efficient because it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts that includes more information than typical Apache logs, so you can later analyze the data and take further measures to increase the security of your websites if required.
ModSecurity in Shared Website Hosting
ModSecurity is offered with each shared website hosting plan which we offer and it's activated by default for every domain or subdomain which you include via your Hepsia CP. In the event that it disrupts any of your programs or you'd like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with simply a click. You can also use a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You could view detailed logs in the same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max protection of our clients we use a set of commercial firewall rules mixed with custom ones which are included by our system administrators.
ModSecurity in Semi-dedicated Hosting
Any web application which you set up within your new semi-dedicated hosting account will be protected by ModSecurity since the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain you include or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not only can you activate or deactivate it entirely, but you could also activate a passive mode, so the firewall shall not stop anything, but it'll still maintain a record of potential attacks. This normally requires just a click and you shall be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update personally as to respond to newly discovered risks as soon as possible.
ModSecurity in Dedicated Web Hosting
ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you won't need to do anything specific on your end to use it since it's turned on by default every time you add a new domain or subdomain on your hosting server. If it interferes with any of your applications, you shall be able to stop it via the respective area of Hepsia, or you could leave it working in passive mode, so it will recognize attacks and shall still keep a log for them, but shall not stop them. You'll be able to analyze the logs later to determine what you can do to improve the security of your Internet sites as you will find details such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, and so on. The rules that we employ are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our staff also include custom rules every now and then as to react to any new threats they have identified.