ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to prevent attacks against script-driven sites by using security rules which contain particular expressions. In this way, the firewall can block hacking and spamming attempts and protect even sites which aren't updated frequently. For example, numerous failed login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the moment it identifies them. The firewall is quite efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts which includes more information than conventional Apache logs, so you could later check out the data and take additional measures to boost the security of your Internet sites if needed.
ModSecurity in Cloud Hosting
ModSecurity is available on all cloud hosting machines, so when you decide to host your websites with our business, they will be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you will need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You'll be able to view specific logs from your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our clients' Internet sites very seriously, we employ a selection of commercial rules that we take from one of the leading companies which maintain such rules. Our administrators also include custom rules to make sure that your sites will be resistant to as many risks as possible.
ModSecurity in Dedicated Web Hosting
All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any program which you upload or install will be properly secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll discover in the logs can easily allow you to to secure your websites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you'll be able to see if a site needs an update, if you should block IPs from accessing your web server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too every time they discover a new threat that is not yet in the commercial bundle.