ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more thorough log for the website visitors than any web server does, so you shall manage to monitor what's happening with your Internet sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it detects if somebody is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these situations these attempts trigger the corresponding rules and the firewall program blocks the attempts instantly, and then records comprehensive details about them inside its logs. ModSecurity is one of the best software firewalls on the market and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is offered with each cloud hosting plan which we provide and it's switched on by default for any domain or subdomain that you include via your Hepsia Control Panel. In case it disrupts any of your apps or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with only a mouse click. You may also activate a passive mode, so the firewall will identify possible attacks and keep a log, but shall not take any action. You'll be able to view comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For max security of our customers we use a set of commercial firewall rules blended with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

Any web program that you set up within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it completely, but you could also activate a passive mode, so the firewall shall not stop anything, but it'll still maintain an archive of possible attacks. This requires just a mouse click and you'll be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one that our administrators update manually in order to respond to recently discovered risks as soon as possible.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers which we offer and it'll be turned on automatically for any new domain or subdomain you add on the server. In this way, any web application that you install will be secured from the very beginning without doing anything manually on your end. The firewall could be handled via the section of the Control Panel that bears the same name. This is the place whereyou can switch off ModSecurity or let its passive mode, so it shall not take any action against threats, but shall still maintain a comprehensive log. The recorded information is available within the same section as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a mixture between commercial ones which we get from a security company and custom ones which are added by our administrators to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program you upload or set up will be protected from the very beginning and you won't need to bother about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you shall discover in the logs can help you to secure your websites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this information, you'll be able to see whether an Internet site needs an update, if you ought to block IPs from accessing your hosting server, etcetera. On top of the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well every time they come across a new threat which is not yet included in the commercial bundle.