ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Help Desk; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Buy Now

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and if it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you shall manage to keep an eye on what is going on with your sites better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it recognizes whether somebody is attempting to log in to the admin area of a specific script several times or if a request is sent to execute a file with a certain command. In such circumstances these attempts set off the corresponding rules and the firewall blocks the attempts right away, and then records comprehensive details about them in its logs. ModSecurity is among the most effective software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity is offered with every shared hosting package which we provide and it's activated by default for any domain or subdomain which you add via your Hepsia CP. If it disrupts any of your applications or you would like to disable it for some reason, you'll be able to do this through the ModSecurity area of Hepsia with only a click. You can also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You could view extensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so forth. For optimum safety of our customers we use a group of commercial firewall rules combined with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer feature ModSecurity and because the firewall is enabled by default, any website you create under a domain or a subdomain shall be protected immediately. A separate section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to start and stop the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still recognize possible attacks and will keep all info within a log as if it were 100% active. The logs can be found in the same section of the CP and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we use on our servers are a mix of commercial ones from a security company and custom ones developed by our system administrators. Therefore, we provide increased security for your web apps as we can shield them from attacks even before security businesses release updates for new threats.

ModSecurity in VPS Servers

Security is essential to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia CP by default. The firewall could be managed via a dedicated section in Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you will not have to do anything personally. You shall also be able to disable it or activate the so-called detection mode, so it will keep a log of possible attacks you can later study, but shall not block them. The logs in both passive and active modes contain details regarding the kind of the attack and how it was stopped, what IP address it came from and other important information that may help you to tighten the security of your sites by updating them or blocking IPs, for example. Besides the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules since once in a while we find specific attacks that aren't yet present in the commercial group. This way, we can improve the security of your Virtual private server right away as opposed to waiting for an official update.

ModSecurity in Dedicated Servers

All of our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program you upload or set up will be secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you will find in the logs can help you to secure your Internet sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so on. With this information, you could see if an Internet site needs an update, whether you should block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well if they discover a new threat that is not yet a part of the commercial bundle.