ModSecurity

: Definitions; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Bandwidth; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Sign Up

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and if it identifies an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the website visitors than any web server does, so you will manage to keep an eye on what is going on with your websites a lot better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it recognizes if someone is trying to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the software blocks the attempts instantly, after that records comprehensive info about them inside its logs. ModSecurity is among the very best software firewalls on the market and it could easily protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Hosting

ModSecurity is supplied with all hosting servers, so when you decide to host your Internet sites with our firm, they shall be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you will have to do on your end. You'll be able to stop ModSecurity for any website if needed, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the safety of our clients' Internet sites very seriously, we employ a set of commercial rules that we get from one of the top companies that maintain such rules. Our administrators also include custom rules to ensure that your websites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer include ModSecurity and since the firewall is turned on by default, any website which you create under a domain or a subdomain will be protected right away. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still recognize possible attacks and will keep all data within a log as if it were fully active. The logs could be found inside the same section of the Control Panel and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules that we employ on our machines are a mix of commercial ones from a security business and custom ones developed by our system administrators. For that reason, we provide increased security for your web programs as we can shield them from attacks even before security corporations release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web applications will be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you'll be able to deactivate it with a click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to stop them. The logs can be found in the exact same section and include information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not just commercial rules from a company operating in the field of web security, but also custom ones our admins include manually so as to respond to new risks which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

If you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web programs shall be protected right away as ModSecurity is available with all Hepsia-based solutions. You shall be able to regulate the firewall easily and if necessary, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what's taking place without taking any action to stop potential attacks. The logs which you can find inside the same section of the Control Panel are extremely detailed and feature data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so on. This info shall permit you to take measures and enhance the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators include every time they recognize attacks which have not yet been included in the commercial pack.