ModSecurity

: Terminology; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Join us

ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the website visitors than any server does, so you will manage to keep track of what is happening with your websites better than if you rely only on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it identifies if someone is trying to log in to the admin area of a specific script a number of times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall software hinders the attempts immediately, and then records in-depth details about them inside its logs. ModSecurity is amongst the very best software firewalls available and it can easily protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages that we supply and it will be activated automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and disable it with simply a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will contain elaborate information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are regularly updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system administrators include in the event that they detect a new sort of attacks. This way, the sites that you host here will be much more secure without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

Any web application you set up within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you include or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section in Hepsia where not simply can you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall won't block anything, but it will still keep a record of potential attacks. This requires simply a mouse click and you shall be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs 2 groups of rules on our servers - a commercial one that we get from a third-party web security company and a custom one which our administrators update personally as to respond to recently discovered threats immediately.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting Control Panel, so your web programs will be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you can disable it with a click from the corresponding section of Hepsia. You can also set it to function in detection mode, so it will maintain a detailed log of any possible attacks without taking any action to prevent them. The logs are available within the same section and provide information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not just commercial rules from a company operating in the field of web security, but also custom ones our admins add personally so as to react to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any program which you upload or install will be secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will discover in the logs shall enable you to to secure your websites better - the IP an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this data, you could see whether a website needs an update, whether you ought to block IPs from accessing your web server, etcetera. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well every time they come across a new threat that is not yet included in the commercial bundle.