ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Hosted Domain Names; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order

ModSecurity is a highly effective firewall for Apache web servers which is employed to prevent attacks against web apps. It keeps track of the HTTP traffic to a certain site in real time and blocks any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do that - as an example, attempting to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a particular file which may result in getting access to the site triggers another rule, etcetera. ModSecurity is among the best firewalls on the market and it'll secure even scripts which aren't updated frequently because it can prevent attackers from using known exploits and security holes. Quite thorough information about each intrusion attempt is recorded and the logs the firewall keeps are a lot more comprehensive than the conventional logs generated by the Apache server, so you could later examine them and decide if you need to take extra measures so as to enhance the security of your script-driven Internet sites.

ModSecurity in Website Hosting

ModSecurity is provided with all website hosting servers, so if you opt to host your sites with our company, they shall be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any site if required, or to switch on a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view specific logs using your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the safety of our clients' websites very seriously, we use a set of commercial rules that we get from one of the leading companies which maintain this sort of rules. Our admins also include custom rules to ensure that your sites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

Any web app which you install within your new semi-dedicated server account shall be protected by ModSecurity because the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain that you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not only could you activate or deactivate it entirely, but you may also switch on a passive mode, so the firewall will not stop anything, but it shall still maintain an archive of possible attacks. This requires just a mouse click and you'll be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall employs two sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one which our admins update personally as to respond to newly discovered risks as soon as possible.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers we offer and it'll be turned on automatically for every new domain or subdomain you add on the server. That way, any web app that you install will be secured right away without doing anything personally on your end. The firewall can be managed via the section of the CP that bears the same name. This is the place in whichyou'll be able to disable ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still keep a thorough log. The recorded info is available within the same section as well and you'll be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we use on our servers are a blend between commercial ones we obtain from a security organization and custom ones which are included by our administrators to maximize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

If you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs will be protected immediately as ModSecurity is provided with all Hepsia-based solutions. You shall be able to manage the firewall easily and if required, you'll be able to turn it off or switch on its passive mode when it will only maintain a log of what's occurring without taking any action to prevent possible attacks. The logs which you'll find in the exact same section of the Control Panel are really detailed and feature information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This info will enable you to take measures and improve the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators add when they recognize attacks that have not yet been included within the commercial pack.