ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to prevent attacks against script-driven sites through the use of security rules that contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even sites which aren't updated frequently. For example, multiple failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block these activities the minute it detects them. The firewall is very efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore maintains an incredibly detailed log of all attack attempts that features more info than conventional Apache logs, so you could later check out the data and take additional measures to enhance the security of your sites if necessary.
ModSecurity in Cloud Website Hosting
ModSecurity comes by default with all cloud website hosting solutions which we provide and it'll be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can activate and deactivate it with only a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to stop them. The log for each of your websites shall feature comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and incorporate both commercial ones that we get from a third-party security business and custom ones that our system administrators include in case that they detect a new kind of attacks. That way, the websites which you host here shall be much more secure without any action required on your end.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you opt to host your sites with our company, there won't be anything special you will have to do as the firewall is switched on by default for all domains and subdomains which you add via your hosting Control Panel. If necessary, you can disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to stop potential attacks on your Internet sites. Comprehensive logs will be available inside your CP and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etc. We employ 2 kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones which our admins sometimes include to respond to newly found threats on time.
ModSecurity in Dedicated Servers
If you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web programs will be secured straight away since ModSecurity is available with all Hepsia-based solutions. You will be able to control the firewall easily and if needed, you will be able to turn it off or switch on its passive mode when it will only keep a log of what is happening without taking any action to prevent possible attacks. The logs which you can find inside the very same section of the CP are really detailed and contain information about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This data shall enable you to take measures and enhance the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff add when they identify attacks which haven't yet been included in the commercial pack.