ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to stop attacks towards script-driven websites by using security rules which contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even sites which aren't updated regularly. As an example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the instant it detects them. The firewall is incredibly efficient because it monitors the entire HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore maintains a very comprehensive log of all attack attempts that features more information than typical Apache logs, so you could later check out the data and take extra measures to improve the security of your websites if needed.
ModSecurity in VPS Servers
ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web programs will be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you could deactivate it with a mouse click via the corresponding section of Hepsia. You can also set it to work in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to prevent them. The logs are available inside the same section and offer details about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones our admins add personally in order to respond to new threats which are still not addressed in the commercial rules.
ModSecurity in Dedicated Servers
ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to use it because it's activated by default each time you add a new domain or subdomain on your web server. In case it disrupts any of your applications, you'll be able to stop it via the respective section of Hepsia, or you could leave it operating in passive mode, so it will recognize attacks and will still maintain a log for them, but will not stop them. You'll be able to examine the logs later to determine what you can do to enhance the safety of your Internet sites as you will find info such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, etc. The rules that we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our staff also add custom rules every now and then in order to react to any new threats they have discovered.