ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Order Now

ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks towards web apps. It monitors the HTTP traffic to a particular website in real time and blocks any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do this - as an example, trying to log in to a script administration area unsuccessfully a few times activates one rule, sending a request to execute a certain file which could result in getting access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls available on the market and it'll preserve even scripts which are not updated often because it can prevent attackers from using known exploits and security holes. Very detailed data about each intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the conventional logs created by the Apache server, so you could later take a look at them and determine if you need to take extra measures so as to enhance the protection of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity is available on all cloud website hosting servers, so when you decide to host your websites with our firm, they will be shielded from a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs using your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the protection of our clients' sites seriously, we use a selection of commercial rules which we take from one of the top companies which maintain such rules. Our admins also add custom rules to ensure that your websites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you opt to host your Internet sites with us, there won't be anything special you'll have to do since the firewall is switched on by default for all domains and subdomains you include via your hosting Control Panel. If necessary, you can disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still work and record data, but shall not do anything to prevent potential attacks against your Internet sites. Comprehensive logs shall be accessible inside your Control Panel and you will be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones which our admins occasionally include to respond to newly discovered risks in a timely manner.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be activated automatically for every new domain or subdomain which you include on the server. This way, any web app which you install will be secured from the very beginning without doing anything personally on your end. The firewall may be managed via the section of the CP which bears the same name. This is the area whereyou can disable ModSecurity or enable its passive mode, so it won't take any action towards threats, but shall still keep a thorough log. The recorded data is available within the same area as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we employ on our servers are a combination between commercial ones which we obtain from a security company and custom ones that are included by our administrators to maximize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you decide to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected straight away as ModSecurity is available with all Hepsia-based plans. You will be able to regulate the firewall with ease and if needed, you shall be able to turn it off or enable its passive mode when it shall only keep a log of what is occurring without taking any action to prevent possible attacks. The logs that you will find within the exact same section of the Control Panel are very detailed and contain data about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This info shall permit you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include whenever they identify attacks that haven't yet been included within the commercial pack.