ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Buy Now

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the website visitors than any web server does, so you'll manage to keep track of what's happening with your sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it recognizes if somebody is trying to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, after that records comprehensive info about them within its logs. ModSecurity is one of the most effective software firewalls out there and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans which we supply and it will be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with simply a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your Internet sites shall include elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security company and custom ones that our system admins add in case that they detect a new type of attacks. This way, the sites which you host here will be much more protected with no action expected on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you decide to host your websites with our company, there will not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains that you add using your hosting CP. If required, you can disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall shall still function and record information, but shall not do anything to prevent potential attacks on your Internet sites. Detailed logs will be available inside your Control Panel and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so on. We use two types of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones that our admins sometimes add to respond to newly found risks promptly.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers that we offer and it'll be activated automatically for every new domain or subdomain you add on the web server. In this way, any web application which you install will be secured right from the start without doing anything by hand on your end. The firewall may be managed through the section of the CP which bears the same name. This is the area whereyou'll be able to switch off ModSecurity or let its passive mode, so it won't take any action towards threats, but shall still maintain a thorough log. The recorded information is available within the same section as well and you will be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones which we get from a security organization and custom ones that are added by our admins to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any application which you upload or install will be protected from the very beginning and you'll not have to worry about common attacks or vulnerabilities. An independent section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you will find in the logs shall enable you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this information, you can see if a website needs an update, if you ought to block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well every time they find a new threat which is not yet in the commercial bundle.