ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks toward script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even websites which aren't updated on a regular basis. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block these activities the minute it identifies them. The firewall is quite efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It furthermore keeps a very detailed log of all attack attempts that includes more information than conventional Apache logs, so you could later analyze the data and take further measures to enhance the security of your Internet sites if needed.
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all shared web hosting plans that we provide and it'll be activated automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you could activate and disable it with only a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your websites shall feature comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and consist of both commercial ones which we get from a third-party security business and custom ones which our system admins include in case that they detect a new kind of attacks. That way, the Internet sites you host here will be far more protected without any action expected on your end.
ModSecurity in VPS Servers
Protection is essential to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it shall keep a log of potential attacks you can later examine, but will not stop them. The logs in both passive and active modes offer info regarding the form of the attack and how it was stopped, what IP it came from and other useful data which could help you to tighten the security of your sites by updating them or blocking IPs, for example. In addition to the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules as occasionally we discover specific attacks which are not yet present within the commercial package. That way, we could increase the security of your VPS immediately rather than awaiting a certified update.