ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks against script-driven sites through the use of security rules which contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated often. For instance, several failed login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the second it discovers them. The firewall is incredibly efficient since it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any damage is done. It also maintains an incredibly detailed log of all attack attempts which contains more information than typical Apache logs, so you could later analyze the data and take extra measures to enhance the security of your sites if necessary.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting plans that we provide and it shall be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and disable it with simply a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for any of your Internet sites will include comprehensive information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are constantly updated and comprise of both commercial ones which we get from a third-party security business and custom ones that our system admins add in case that they detect a new type of attacks. That way, the websites you host here shall be a lot more secure with no action required on your end.
ModSecurity in VPS Servers
Safety is essential to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't have to do anything personally. You'll also be able to deactivate it or activate the so-called detection mode, so it shall maintain a log of potential attacks that you can later study, but won't block them. The logs in both passive and active modes include information about the form of the attack and how it was stopped, what IP address it originated from and other valuable data which may help you to tighten the security of your websites by updating them or blocking IPs, for example. In addition to the commercial rules we get for ModSecurity from a third-party security enterprise, we also use our own rules since every now and then we discover specific attacks which are not yet present in the commercial package. This way, we can enhance the protection of your Virtual private server immediately as opposed to waiting for a certified update.