ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its operation and when it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the website visitors than any server does, so you'll be able to keep track of what's happening with your Internet sites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes whether anyone is trying to log in to the admin area of a specific script several times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall software hinders the attempts instantly, after that records comprehensive details about them within its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting plans which we supply and it will be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and disable it with a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to prevent them. The log for each of your sites will contain detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are frequently updated and comprise of both commercial ones which we get from a third-party security business and custom ones our system administrators add in the event that they detect a new type of attacks. That way, the Internet sites which you host here shall be a lot more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer come with ModSecurity and since the firewall is switched on by default, any website that you build under a domain or a subdomain will be secured immediately. An individual section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to stop and start the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still identify possible attacks and shall keep all information within a log as if it were 100% active. The logs could be found within the same section of the Control Panel and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our web servers are a mix between commercial ones from a security business and custom ones developed by our system administrators. Consequently, we offer increased security for your web applications as we can defend them from attacks even before security businesses release updates for brand new threats.

ModSecurity in VPS

All virtual private servers which are offered with the Hepsia CP come with ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there won't be anything special which you shall have to do to protect your sites. It'll take you just a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any steps to stop intrusions. You shall be able to view the logs generated in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall employed to deal with it, etcetera. We use a combination of commercial and custom rules in order to make sure that ModSecurity shall block out as many threats as possible, consequently enhancing the security of your web apps as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you won't have to do anything specific on your end to employ it since it's turned on by default whenever you add a new domain or subdomain on your server. If it interferes with any of your applications, you shall be able to stop it through the respective area of Hepsia, or you may leave it working in passive mode, so it'll recognize attacks and will still maintain a log for them, but shall not prevent them. You could analyze the logs later to determine what you can do to boost the security of your Internet sites since you shall find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules we employ are commercial, hence they are regularly updated by a security firm, but to be on the safe side, our administrators also include custom rules from time to time in order to deal with any new threats they have discovered.