ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Hosted Domains; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Buy Now

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the site visitors than any server does, so you'll be able to keep an eye on what's happening with your Internet sites a lot better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it identifies whether someone is attempting to log in to the administration area of a particular script several times or if a request is sent to execute a file with a specific command. In such circumstances these attempts set off the corresponding rules and the firewall program blocks the attempts in real time, then records comprehensive details about them in its logs. ModSecurity is one of the most effective software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Web Hosting

ModSecurity comes by default with all web hosting packages which we provide and it shall be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with simply a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites shall contain in-depth information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are frequently updated and consist of both commercial ones which we get from a third-party security company and custom ones our system administrators include in case that they detect a new type of attacks. In this way, the Internet sites which you host here shall be way more protected with no action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web application you install inside your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not only could you activate or deactivate it completely, but you can also enable a passive mode, so the firewall shall not stop anything, but it shall still maintain an archive of possible attacks. This normally requires only a click and you'll be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, and so forth. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one which our admins update manually as to respond to recently discovered threats as quickly as possible.

ModSecurity in VPS Hosting

All virtual private servers that are offered with the Hepsia Control Panel include ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the server, so there won't be anything special which you will have to do to protect your websites. It'll take you a click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any actions to stop intrusions. You will be able to view the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to deal with it, and so on. We employ a mix of commercial and custom rules in order to make certain that ModSecurity shall block out as many threats as possible, thus improving the security of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application which you upload or set up shall be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall see in the logs can easily allow you to to secure your websites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this info, you'll be able to see if an Internet site needs an update, whether you need to block IPs from accessing your hosting server, and so on. In addition to the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well whenever they find a new threat that is not yet a part of the commercial bundle.