ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks against script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and protect even Internet sites that aren't updated often. As an example, a number of failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall stop these activities the moment it detects them. The firewall is quite efficient as it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It also keeps an incredibly thorough log of all attack attempts which contains more info than conventional Apache logs, so you can later analyze the data and take extra measures to boost the security of your Internet sites if necessary.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting plans that we offer and it will be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and disable it with simply a mouse click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites shall feature detailed info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and consist of both commercial ones we get from a third-party security business and custom ones our system administrators add in the event that they detect a new kind of attacks. In this way, the websites which you host here shall be way more secure without any action expected on your end.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting Control Panel, so your web apps shall be protected from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a mouse click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to stop them. The logs can be found inside the same section and provide info about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we employ not just commercial rules from a firm working in the field of web security, but also custom ones our administrators include manually in order to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is enabled by default every time you add a new domain or subdomain on your hosting server. In case it interferes with some of your programs, you'll be able to stop it via the respective part of Hepsia, or you can leave it working in passive mode, so it'll recognize attacks and shall still keep a log for them, but won't prevent them. You'll be able to examine the logs later to determine what you can do to boost the protection of your Internet sites as you shall find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules we use are commercial, hence they are regularly updated by a security firm, but to be on the safe side, our admins also add custom rules once in a while as to respond to any new threats they have found.