ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks towards script-driven Internet sites by using security rules which contain certain expressions. That way, the firewall can stop hacking and spamming attempts and protect even websites that aren't updated often. For example, numerous unsuccessful login attempts to a script admin area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the minute it discovers them. The firewall is incredibly efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any harm is done. It also maintains an exceptionally comprehensive log of all attack attempts that features more information than conventional Apache logs, so you can later examine the data and take further measures to boost the security of your websites if needed.
ModSecurity in Web Hosting
ModSecurity can be found with every single web hosting
solution which we provide and it's turned on by default for any domain or subdomain which you include via your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for some reason, you will be able to do this through the ModSecurity section of Hepsia with simply a click. You can also activate a passive mode, so the firewall will detect potential attacks and keep a log, but will not take any action. You could view comprehensive logs in the very same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For maximum security of our clients we use a set of commercial firewall rules blended with custom ones which are included by our system admins.
ModSecurity in Semi-dedicated Hosting
Any web application you install within your new semi-dedicated hosting
account will be protected by ModSecurity as the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not only can you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall won't stop anything, but it will still maintain an archive of potential attacks. This requires only a click and you'll be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall employs two sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one that our admins update personally as to respond to newly discovered threats immediately.
ModSecurity in Dedicated Hosting
When you opt to host your sites on a dedicated server
with the Hepsia Control Panel, your web applications shall be protected right away since ModSecurity is supplied with all Hepsia-based plans. You will be able to manage the firewall without difficulty and if necessary, you'll be able to turn it off or enable its passive mode when it'll only maintain a log of what's occurring without taking any action to stop possible attacks. The logs that you will find in the same section of the CP are really detailed and contain data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This information will enable you to take measures and increase the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins add when they detect attacks that have not yet been included inside the commercial pack.