ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to stop attacks against script-driven Internet sites by using security rules that contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even websites which aren't updated on a regular basis. For example, multiple unsuccessful login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the second it detects them. The firewall is incredibly efficient as it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps a very thorough log of all attack attempts which contains more information than standard Apache logs, so you could later check out the data and take further measures to enhance the security of your sites if necessary.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting Control Panel, so your web apps shall be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you can disable it with a click through the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the exact same section and include information about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For best security, we employ not just commercial rules from a firm working in the field of web security, but also custom ones which our administrators add manually so as to react to new risks which are still not tackled in the commercial rules.
ModSecurity in Dedicated Web Hosting
ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you won't have to do anything specific on your end to employ it because it's enabled by default every time you include a new domain or subdomain on your server. In case it interferes with some of your apps, you shall be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and will still keep a log for them, but will not block them. You could analyze the logs later to learn what you can do to enhance the safety of your Internet sites as you will find information such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules which we use are commercial, hence they're constantly updated by a security company, but to be on the safe side, our staff also add custom rules from time to time as to deal with any new threats they have identified.