ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to prevent attacks against script-driven sites by using security rules that contain specific expressions. This way, the firewall can block hacking and spamming attempts and protect even sites which aren't updated frequently. As an example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the second it detects them. The firewall is incredibly efficient as it monitors the entire HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally maintains an incredibly thorough log of all attack attempts which includes more info than standard Apache logs, so you could later analyze the data and take extra measures to boost the security of your Internet sites if necessary.
ModSecurity in Shared Website Hosting
ModSecurity is available on all shared website hosting web servers, so if you opt to host your sites with our business, they'll be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the protection of our customers' Internet sites seriously, we use a selection of commercial rules which we get from one of the best firms that maintain such rules. Our admins also include custom rules to make certain that your Internet sites will be resistant to as many threats as possible.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity by default within all semi-dedicated hosting plans, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any Internet site with a mouse click. You will also have the ability to turn on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, etc. The list of rules which we employ is frequently updated as to match any new threats that may appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones that our admins include in the event that they discover a threat that is not present in the commercial list yet.
ModSecurity in Dedicated Hosting
ModSecurity is provided with all dedicated servers that are set up with our Hepsia CP and you will not have to do anything specific on your end to use it since it is switched on by default whenever you add a new domain or subdomain on your web server. In case it interferes with some of your programs, you will be able to stop it via the respective area of Hepsia, or you can leave it working in passive mode, so it'll identify attacks and will still keep a log for them, but will not prevent them. You can examine the logs later to learn what you can do to improve the security of your sites since you will find information such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity responded, etc. The rules which we employ are commercial, hence they are frequently updated by a security firm, but to be on the safe side, our staff also include custom rules occasionally as to respond to any new threats they have found.