ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks toward script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can block hacking and spamming attempts and shield even Internet sites that are not updated frequently. For example, numerous failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is incredibly efficient since it screens the entire HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also keeps a very thorough log of all attack attempts that contains more information than conventional Apache logs, so you can later analyze the data and take extra measures to boost the security of your websites if required.
ModSecurity in Cloud Hosting
ModSecurity can be found with every cloud hosting package that we offer and it's switched on by default for every domain or subdomain which you include via your Hepsia Control Panel. If it interferes with any of your programs or you'd like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with simply a click. You may also enable a passive mode, so the firewall will detect possible attacks and maintain a log, but will not take any action. You can view comprehensive logs in the same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum safety of our customers we use a collection of commercial firewall rules mixed with custom ones which are provided by our system administrators.
ModSecurity in VPS Servers
All VPS servers which are provided with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the machine, so there will not be anything special which you'll have to do to protect your websites. It'll take you simply a click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You will be able to see the logs produced in active or passive mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to tackle it, etc. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity shall prevent as many risks as possible, therefore increasing the security of your web applications as much as possible.