ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks towards script-driven sites by employing security rules that contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and shield even sites that are not updated often. For instance, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script will trigger particular rules, so ModSecurity will block these activities the instant it identifies them. The firewall is quite efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also keeps a very detailed log of all attack attempts which features more info than standard Apache logs, so you could later check out the data and take extra measures to improve the security of your sites if required.
ModSecurity in Website Hosting
ModSecurity is supplied with all website hosting servers, so when you opt to host your Internet sites with our organization, they shall be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs from your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the security of our customers' websites seriously, we employ a set of commercial rules which we take from one of the leading firms that maintain such rules. Our administrators also add custom rules to make sure that your sites will be protected against as many risks as possible.
ModSecurity in Semi-dedicated Servers
ModSecurity is part of our semi-dedicated server plans and if you opt to host your websites with our company, there won't be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains which you include using your hosting CP. If necessary, you could disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall will still function and record info, but won't do anything to prevent potential attacks on your Internet sites. In depth logs shall be available within your Control Panel and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, and so forth. We employ 2 sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and custom made ones which our administrators sometimes include to respond to newly discovered risks promptly.