ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to prevent attacks towards script-driven websites by using security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and shield even sites which aren't updated on a regular basis. For example, numerous failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the instant it identifies them. The firewall is extremely efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore maintains an exceptionally detailed log of all attack attempts which includes more information than standard Apache logs, so you could later check out the data and take extra measures to increase the security of your websites if necessary.
ModSecurity in Cloud Website Hosting
We offer ModSecurity with all cloud website hosting
plans, so your web applications will be protected against destructive attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall discover within Hepsia are extremely detailed and include data about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, and so forth. We employ a group of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the Internet sites hosted on our machines.
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our semi-dedicated hosting
packages and if you choose to host your sites with our company, there shall not be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains which you include through your hosting CP. If needed, you'll be able to disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall shall still operate and record data, but shall not do anything to prevent potential attacks against your websites. Thorough logs will be accessible inside your Control Panel and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones which our administrators sometimes add to respond to newly found risks promptly.
ModSecurity in Dedicated Web Hosting
ModSecurity is offered by default with all dedicated servers
that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. In case that a web application does not work properly, you may either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack which might take place, but will not take any action to stop it. The logs created in passive or active mode will give you additional details about the exact file that was attacked, the nature of the attack and the IP address it came from, and so on. This data will allow you to decide what actions you can take to improve the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated frequently with a commercial package from a third-party security enterprise we work with, but occasionally our staff add their own rules as well if they discover a new potential threat.