ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks against script-driven sites by using security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and protect even websites which are not updated on a regular basis. For example, several unsuccessful login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the instant it identifies them. The firewall is quite efficient since it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It furthermore maintains an exceptionally thorough log of all attack attempts that contains more information than conventional Apache logs, so you can later examine the data and take additional measures to increase the security of your sites if needed.
ModSecurity in Hosting
ModSecurity is provided with all hosting machines, so if you decide to host your Internet sites with our organization, they will be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any site if necessary, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs using your Hepsia CP including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the safety of our customers' Internet sites seriously, we employ a selection of commercial rules that we take from one of the leading companies which maintain this kind of rules. Our admins also add custom rules to make certain that your Internet sites shall be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
We've incorporated ModSecurity as a standard in all semi-dedicated hosting packages, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any site with a mouse click. You shall also be able to turn on a passive detection mode with which ModSecurity will maintain a log of potential attacks without really preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, etcetera. The list of rules we employ is frequently updated as to match any new risks that might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones which our administrators include in case they discover a threat that's not present in the commercial list yet.
ModSecurity in Dedicated Web Hosting
If you decide to host your sites on a dedicated server with the Hepsia CP, your web apps will be protected right from the start because ModSecurity is supplied with all Hepsia-based plans. You will be able to manage the firewall easily and if required, you shall be able to turn it off or activate its passive mode when it'll only keep a log of what's going on without taking any action to stop possible attacks. The logs which you can find in the exact same section of the CP are incredibly detailed and include details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This info shall allow you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our admins add every time they detect attacks which haven't yet been included within the commercial pack.