ModSecurity

: Hosting Terminology; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Purchase

ModSecurity is a highly effective firewall for Apache web servers that is employed to stop attacks toward web apps. It tracks the HTTP traffic to a certain website in real time and blocks any intrusion attempts the instant it detects them. The firewall uses a set of rules to do that - as an example, trying to log in to a script admin area unsuccessfully many times triggers one rule, sending a request to execute a certain file which may result in getting access to the site triggers a different rule, and so on. ModSecurity is among the best firewalls out there and it will protect even scripts which are not updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Very detailed information about every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the standard logs provided by the Apache server, so you may later take a look at them and decide if you need to take more measures in order to boost the security of your script-driven Internet sites.

ModSecurity in Cloud Website Hosting

We offer ModSecurity with all cloud website hosting packages, so your Internet applications shall be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you will be able to stop it via the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you'll find inside Hepsia are very detailed and offer data about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, and so forth. We employ a group of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web app which you install within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall comes with all our hosting plans and is activated by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section in Hepsia where not simply can you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall will not stop anything, but it will still maintain a record of possible attacks. This takes just a mouse click and you shall be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, and so forth. The firewall employs 2 groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our admins update manually in order to respond to recently discovered threats as soon as possible.

ModSecurity in VPS

Protection is vital to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not have to do anything manually. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of potential attacks that you can later study, but shall not prevent them. The logs in both passive and active modes include info regarding the kind of the attack and how it was stopped, what IP address it came from and other important data which might help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules since occasionally we identify specific attacks which aren't yet present within the commercial group. That way, we can easily enhance the protection of your Virtual private server right away instead of awaiting an official update.

ModSecurity in Dedicated Hosting

All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application you upload or set up shall be secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An individual section within Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll discover in the logs shall help you to secure your websites better - the IP address an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etc. With this data, you can see whether an Internet site needs an update, whether you should block IPs from accessing your server, etcetera. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too when they discover a new threat that's not yet included in the commercial bundle.