ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks toward script-driven websites through the use of security rules which contain specific expressions. In this way, the firewall can block hacking and spamming attempts and preserve even Internet sites that are not updated regularly. For instance, numerous failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the moment it detects them. The firewall is very efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It also maintains a very comprehensive log of all attack attempts that contains more information than typical Apache logs, so you could later analyze the data and take extra measures to boost the security of your sites if needed.
ModSecurity in Cloud Website Hosting
ModSecurity is available on all cloud website hosting machines, so when you decide to host your Internet sites with our business, they will be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will have to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our customers' sites very seriously, we use a collection of commercial rules which we take from one of the top companies which maintain this sort of rules. Our admins also include custom rules to ensure that your Internet sites will be protected against as many threats as possible.
ModSecurity in Dedicated Servers Hosting
ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. In case that a web app doesn't function adequately, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any possible attack which might occur, but won't take any action to prevent it. The logs produced in passive or active mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, and so forth. This information shall permit you to choose what steps you can take to boost the protection of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial pack from a third-party security provider we work with, but oftentimes our staff add their own rules too in the event that they identify a new potential threat.