ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to stop attacks against script-driven sites by using security rules that contain specific expressions. This way, the firewall can prevent hacking and spamming attempts and protect even sites which aren't updated on a regular basis. As an example, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will stop these activities the second it identifies them. The firewall is incredibly efficient as it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore keeps an exceptionally thorough log of all attack attempts that contains more information than conventional Apache logs, so you could later check out the data and take further measures to enhance the security of your sites if necessary.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting plans, so your web applications shall be protected against destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall discover inside Hepsia are very detailed and offer data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etcetera. We use a set of commercial rules that are often updated, but sometimes our admins add custom rules as well so as to better protect the sites hosted on our machines.
ModSecurity in Dedicated Servers Hosting
ModSecurity comes with all dedicated servers which are set up with our Hepsia CP and you won't need to do anything specific on your end to use it because it is enabled by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with any of your apps, you will be able to stop it via the respective section of Hepsia, or you could leave it in passive mode, so it shall identify attacks and shall still keep a log for them, but will not prevent them. You can analyze the logs later to learn what you can do to increase the security of your sites as you will find info such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity reacted, etcetera. The rules that we use are commercial, hence they're constantly updated by a security company, but to be on the safe side, our administrators also include custom rules from time to time as to deal with any new threats they have identified.